1
0
mirror of https://git.FreeBSD.org/ports.git synced 2025-01-17 08:01:36 +00:00

Document GitLab issue

This commit is contained in:
Steve Wills 2018-01-17 20:50:17 +00:00
parent c2cb9f1eb5
commit 1e4acf7f24
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=459287

View File

@ -58,6 +58,38 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
<vuln vid="65fab89f-2231-46db-8541-978f4e87f32a">
<topic>gitlab -- Remote code execution on project import</topic>
<affects>
<package>
<name>gitlab</name>
<range><lt>10.1.6</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>GitLab developers report:</p>
<blockquote cite="https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/">
<p>Today we are releasing versions 10.3.4, 10.2.6, and 10.1.6 for
GitLab Community Edition (CE) and Enterprise Edition (EE).</p>
<p>These versions contain a number of important security fixes,
including two that prevent remote code execution, and we strongly
recommend that all GitLab installations be upgraded to one of these
versions immediately.</p>
</blockquote>
</body>
</description>
<references>
<url>https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/</url>
<cvename>CVE-2017-0915</cvename>
<cvename>CVE-2018-3710</cvename>
</references>
<dates>
<discovery>2018-01-16</discovery>
<entry>2018-01-17</entry>
</dates>
</vuln>
<vuln vid="3e5b8bd3-0c32-452f-a60e-beab7b762351">
<topic>transmission-daemon -- vulnerable to dns rebinding attacks</topic>
<affects>