Your message dated Thu, 12 Sep 2019 06:49:20 +0000 with message-id <e1i8iuu-000e3l...@fasolo.debian.org> and subject line Bug#940007: fixed in gitlab 12.0.9-1 has caused the Debian Bug report #940007, regarding gitlab: CVE-2019-16170: Project Template Functionality Could Be Used to Access Restricted Project Data to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 940007: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940007 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: gitlab Version: 11.8.10+dfsg-1 Severity: grave Tags: security upstream Control: found -1 12.0.8-2 Control: found -1 12.0.8-1 Hi, The following vulnerability was published for gitlab. CVE-2019-16170[0]: |Project Template Functionality Could Be Used to Access Restricted |Project Data If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-16170 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16170 [1] https://about.gitlab.com/2019/09/10/critical-security-release-gitlab-12-dot-2-dot-5-released/ Regards, Salvatore
--- End Message ---
--- Begin Message ---Source: gitlab Source-Version: 12.0.9-1 We believe that the bug you reported is fixed in the latest version of gitlab, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 940...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Nilesh <npatra...@gmail.com> (supplier of updated gitlab package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 11 Sep 2019 10:12:18 -0400 Source: gitlab Architecture: source Version: 12.0.9-1 Distribution: experimental Urgency: high Maintainer: Debian Ruby Extras Maintainers <pkg-ruby-extras-maintain...@lists.alioth.debian.org> Changed-By: Nilesh <npatra...@gmail.com> Closes: 940007 Changes: gitlab (12.0.9-1) experimental; urgency=high . * Team Upload * New upstream version 12.0.9 (Closes: #940007) (Fixes: CVE-2019-16170) Checksums-Sha1: 77c99bd953f4a7e262f087abd42bb65aa40eb466 2314 gitlab_12.0.9-1.dsc 5b101fa06aa6aad6ac7e68997a33415b16bfa72c 72973516 gitlab_12.0.9.orig.tar.bz2 f94fb2edf341b6c09043a1cb9ce3a5aedde3594a 1161420 gitlab_12.0.9-1.debian.tar.xz cbdc3511354e5b38671761936841d965877bdfcf 12920 gitlab_12.0.9-1_amd64.buildinfo Checksums-Sha256: 78d7f9f2c4e67bb0310f7cc946d1e49d15af30c16f24c2922877f281b4b6c194 2314 gitlab_12.0.9-1.dsc a0dd0c4b8bee1421cb3c1c677e449e0c9755b8320f6a96e8fdd0792e980af0c1 72973516 gitlab_12.0.9.orig.tar.bz2 b089a2729bf600b3d1c61f803f947f686d026522754c3a3e674c79016f10d43d 1161420 gitlab_12.0.9-1.debian.tar.xz 5756288ca4a5ca524655db922f58fe597abab803c18d5f34f63fbb9de7d1cd1e 12920 gitlab_12.0.9-1_amd64.buildinfo Files: 23ced619a7f05eb99bfd759766c5d97a 2314 net optional gitlab_12.0.9-1.dsc 9907d968982f960ce3012adad8683081 72973516 net optional gitlab_12.0.9.orig.tar.bz2 5cc6c0ae823821a1e3dc497a6c30e7dd 1161420 net optional gitlab_12.0.9-1.debian.tar.xz 3f9d0bcb7d37bc83ee5ff361bee66ab5 12920 net optional gitlab_12.0.9-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbJ0QSEqa5Mw4X3xxgj6WdgbDS5YFAl154soACgkQgj6WdgbD S5Z3txAAvTp2vQDxatTc6XQGFvIyktRU+5WQvdhQ9h0cBoRhvBtIHAC38rN9A4FK 8cdsW8QrGa/LL779m+Rl6C+xF3S94TsLkEOpSVz6z5jyhh3v/ssJxzEu4m5CoKEo EU+9cyG6I0a3szpoQY5YjAWFzdnPwqFG5rMrIEpUA/tbCKBOOmmLYqE6nRBOZR1C Usm/CCoC8M/xIKa7aZuO9A+5/htkJz6YdiD+SG2S2lZ5e+NYpIqNij+1s2HC8r41 /9KGmnR/3FD0OoatCYNt3WQeoOe1m+nE51/7mO2Szdo7NidoP86M/Ehlt869NA4l y5UE6tNwyeVab7LnHqS31tD/YmlX8FDj/Ip3w1jd/tEUuTCqFtkhcXRC/ekrqRuc pF3sRfigI6KwsN8VFVmuBqw3BfqcFmiZqQ4Cw0IY1MB7tEZDUcRXDtm7xR8XxSnV JMczrvFewwXPMvSpbyxJAiVE0Jck9j+vnYN1DojgReQmjP2E3huftPh08bdcrJBJ 6Oh2dGfwj5HUsLsBQR/Ex62cQES4zhtzU4SuDa8NlmsmPBeAOFi3U7Vd1iJeT/hA Oltr0u4V+Ug1sK1cWn44NVR2z/UWqsvnPCBZDoN+rl0JB4f0xyNcu2Jknh+Y0P4N vJ8xgBAkW10BaWatILn5TfJ11yn40oK83Ki6UD2/6qb+CInVdI0= =LrKt -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ Pkg-ruby-extras-maintainers mailing list Pkg-ruby-extras-maintainers@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-ruby-extras-maintainers
