[Git][security-tracker-team/security-tracker][master] Track two CVEs fixed in experimental for gitlab

Salvatore Bonaccorso carnil at debian.org
Fri Feb 21 22:23:42 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
57ed263b by Salvatore Bonaccorso at 2020-02-21T23:22:36+01:00
Track two CVEs fixed in experimental for gitlab

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3012,6 +3012,7 @@ CVE-2020-7974 (GitLab EE 10.1 through 12.7.2 allows Information Disclosure. ...)
 	- gitlab <not-affected> (Only affects Gitlab EE 10.1 and later)
 	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
 CVE-2020-7973 (GitLab through 12.7.2 allows XSS. ...)
+	[experimental] - gitlab 12.6.7-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
 CVE-2020-7972 (GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). ...)
@@ -3026,6 +3027,7 @@ CVE-2020-7969 (GitLab EE 8.0 and later through 12.7.2 allows Information Disclos
 	- gitlab <not-affected> (Only affects Gitlab EE 8.0 and later)
 	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
 CVE-2020-7968 (GitLab EE 8.0 through 12.7.2 has Incorrect Access Control. ...)
+	[experimental] - gitlab 12.6.7-1
 	- gitlab <unfixed>
 	NOTE: https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/
 CVE-2020-7967 (GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2). ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/57ed263b77b417679d1f375b7fa4362f36e898ef

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/57ed263b77b417679d1f375b7fa4362f36e898ef
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200221/55d1e2d0/attachment.html>

More information about the debian-security-tracker-commits mailing list