FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gitlab -- Remote code execution on project import

Affected packages
gitlab < 10.1.6

Details

VuXML ID 65fab89f-2231-46db-8541-978f4e87f32a
Discovery 2018-01-16
Entry 2018-01-17

GitLab developers report:

Today we are releasing versions 10.3.4, 10.2.6, and 10.1.6 for GitLab Community Edition (CE) and Enterprise Edition (EE).

These versions contain a number of important security fixes, including two that prevent remote code execution, and we strongly recommend that all GitLab installations be upgraded to one of these versions immediately.

[source]

References

CVE Name CVE-2017-0915
CVE Name CVE-2018-3710
URL https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.