Source: gitlab Version: 8.13.11+dfsg1-12 Severity: grave Tags: upstream security
Hi See https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/ for which several go back to 8.9.0 versions. There are three CVEs out of https://security-tracker.debian.org/tracker/source-package/gitlab belonging to that list wich are yet marked undetermined, because not clear from the advisory if 8.13.11=dfsg1-12 might be affected. But assuming the 'version affected' information is correct, they are not, please confirm so we can adjust the security-tracker information. Regards, Salvatore -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 4.14.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
