FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- multiple vulnerabilities

Affected packages
10.7.0 <= gitlab < 10.7.2
10.6.0 <= gitlab < 10.6.5
9.5.0 <= gitlab < 10.5.8

Details

VuXML ID 9dfe61c8-4d15-11e8-8f2f-d8cb8abf62dd
Discovery 2018-04-30
Entry 2018-05-01

GitLab reports:

Persistent XSS in Move Issue using project namespace

Download Archive allowing unauthorized private repo access

Mattermost Updates

References

CVE Name CVE-2018-10379
URL https://about.gitlab.com/2018/04/30/security-release-gitlab-10-dot-7-dot-2-released