[DRE-maint] Bug#847157: gitlab: CVE-2016-9469
Salvatore Bonaccorso
carnil at debian.org
Tue Dec 6 06:22:00 UTC 2016
Source: gitlab
Version: 8.13.3+dfsg1-2
Severity: grave
Tags: security upstream
Hi,
the following vulnerability was published for gitlab.
CVE-2016-9469[0]:
|Denial-of-Service and Data Corruption Vulnerability in Issue and Merge
|Request Trackers
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-9469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9469
[1] https://about.gitlab.com/2016/12/05/cve-2016-9469/
According to upstream all 8.13.0 through 8.13.7 are affected.
Regards,
Salvatore
More information about the Pkg-ruby-extras-maintainers
mailing list