FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple Vulnerabilities

Affected packages
12.9.0 <= gitlab-ce < 12.9.3
12.8.0 <= gitlab-ce < 12.8.9
0 <= gitlab-ce < 12.7.9

Details

VuXML ID 570706ff-7ee0-11ea-bd0b-001b217b3468
Discovery 2020-04-14
Entry 2020-04-15

Gitlab reports:

NuGet Package and File Disclosure through GitLab Workhorse

Job Artifact Uploads and File Disclosure through GitLab Workhorse

Incorrect membership following group removal

Logging of Praefect tokens

Update Rack dependency

Update OpenSSL dependency

[source]

References

CVE Name CVE-2020-11505
CVE Name CVE-2020-11506
CVE Name CVE-2020-11649
CVE Name CVE-2020-16782
URL https://about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.