[DRE-maint] Bug#926482: gitlab: CVE-2018-5158 CVE-2019-10109 CVE-2019-10110 CVE-2019-10111 CVE-2019-10113 CVE-2019-10115 CVE-2019-10116 CVE-2019-10640

Salvatore Bonaccorso carnil at debian.org
Fri Apr 5 22:38:23 BST 2019


Source: gitlab
Version: 11.8.3-1
Severity: grave
Tags: security upstream
Justification: user security hole

Hi,

The following vulnerabilities were published for gitlab, fixed
upstream in the 11.9.4, 11.8.6, and 11.7.10 releases.

CVE-2018-5158[0]:
| The PDF viewer does not sufficiently sanitize PostScript calculator
| functions, allowing malicious JavaScript to be injected through a
| crafted PDF file. This JavaScript can then be run with the permissions
| of the PDF viewer by its worker. This vulnerability affects Firefox
| ESR < 52.8 and Firefox < 60.


CVE-2019-10109[1]:
EXIF geolocation data not stripped from uploaded images

CVE-2019-10110[2]:
Improper authorization control "move issue"

CVE-2019-10111[3]:
Persistent XSS at merge request resolve conflicts

CVE-2019-10113[4]:
DoS potential on project languages page

CVE-2019-10115[5]:
Guest users of private projects have access to releases

CVE-2019-10116[6]:
Related branches visible in issues for guests

CVE-2019-10640[7]:
DoS potential for regex in CI/CD refs

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2018-5158
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5158
[1] https://security-tracker.debian.org/tracker/CVE-2019-10109
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10109
[2] https://security-tracker.debian.org/tracker/CVE-2019-10110
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10110
[3] https://security-tracker.debian.org/tracker/CVE-2019-10111
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10111
[4] https://security-tracker.debian.org/tracker/CVE-2019-10113
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10113
[5] https://security-tracker.debian.org/tracker/CVE-2019-10115
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10115
[6] https://security-tracker.debian.org/tracker/CVE-2019-10116
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10116
[7] https://security-tracker.debian.org/tracker/CVE-2019-10640
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10640
[8] https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/

Regards,
Salvatore
