Index: vuln.xml =================================================================== --- vuln.xml +++ vuln.xml @@ -58,6 +58,39 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + Gitlab -- multiple vulnerabilities + + + gitlab + 10.8.010.8.2 + 10.7.010.7.5 + 1.010.6.6 + + + + +

GitLab reports:

+
+

Removing public deploy keys regression

+

Users can update their password without entering current password

+

Persistent XSS - Selecting users as allowed merge request approvers

+

Persistent XSS - Multiple locations of user selection drop downs

+

include directive in .gitlab-ci.yml allows SSRF requests

+

Permissions issue in Merge Requests Create Service

+

Arbitrary assignment of project fields using "Import project"

+
+ +
+ + https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/ + + + 2018-05-29 + 2018-05-31 + +
+ strongswan -- Fix Denial-of-Service Vulnerability strongSwan (CVE-2018-10811, CVE-2018-5388)