[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff jmm at debian.org
Fri Oct 2 12:24:50 BST 2020 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9adec4f8 by Moritz Muehlenhoff at 2020-10-02T13:24:29+02:00
new gitlab issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28756,41 +28756,46 @@ CVE-2020-13338
 CVE-2020-13337
 	RESERVED
 CVE-2020-13336 (An issue has been discovered in GitLab affecting versions from 11.8 be ...)
-	TODO: check
+	- gitlab <unfixed>
 CVE-2020-13335
 	RESERVED
+	- gitlab <unfixed>
 CVE-2020-13334
 	RESERVED
+	- gitlab <unfixed>
 CVE-2020-13333
 	RESERVED
+	- gitlab <unfixed>
 CVE-2020-13332
 	RESERVED
+	- gitlab <unfixed>
 CVE-2020-13331 (An issue has been discovered in GitLab affecting versions prior to 12. ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13330 (An issue has been discovered in GitLab affecting versions prior to 12. ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13329 (An issue has been discovered in GitLab affecting versions from 12.6.2  ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13328 (An issue has been discovered in GitLab affecting versions prior to 13. ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13327
 	RESERVED
+	- gitlab-runner <unfixed>
 CVE-2020-13326 (A vulnerability was discovered in GitLab versions prior to 13.1. Under ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13325 (A vulnerability was discovered in GitLab versions prior 13.1. The comm ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13324 (A vulnerability was discovered in GitLab versions prior to 13.1. Under ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13323 (A vulnerability was discovered in GitLab versions prior 13.1. Under ce ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13322 (A vulnerability was discovered in GitLab versions after 12.9. Due to i ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13321 (A vulnerability was discovered in GitLab versions prior to 13.1. Usern ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13320 (An issue has been discovered in GitLab before version 12.10.13 that al ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13319 (An issue has been discovered in GitLab affecting versions prior to 13. ...)
-	TODO: check
+	- gitlab 13.2.3-2
 CVE-2020-13318 (A vulnerability was discovered in GitLab versions before 13.0.12, 13.1 ...)
 	- gitlab 13.2.8-1
 	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
@@ -28858,7 +28863,7 @@ CVE-2020-13297 (A vulnerability was discovered in GitLab versions before 13.1.10
 	- gitlab 13.2.8-1
 	NOTE: https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
 CVE-2020-13296 (An issue has been discovered in GitLab affecting versions >=10.7 &l ...)
-	TODO: check
+	- gitlab 13.2.6-1
 CVE-2020-13295 (For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd ...)
 	- gitlab-ci-multi-runner <unfixed>
 	NOTE: https://about.gitlab.com/releases/2020/08/05/gitlab-13-2-3-released/
@@ -60613,7 +60618,7 @@ CVE-2020-1765 (An improper control of parameters allows the spoofing of the from
 CVE-2019-19394 (Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x bef ...)
 	NOT-FOR-US: CFEngine Enterprise
 CVE-2019-19393 (The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to  ...)
-	TODO: check
+	NOT-FOR-US: Rittal
 CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly Dot ...)
 	NOT-FOR-US: forDNN.UsersExportImport module for DNN
 CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9adec4f88038b426c9a88a28854e15aed422a2ad

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9adec4f88038b426c9a88a28854e15aed422a2ad
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201002/ca5a7bc7/attachment.html>

More information about the debian-security-tracker-commits mailing list