Date: Thu, 14 Jan 2021 12:03:01 +0000 (UTC) From: Matthias Fechner <mfechner@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r561551 - head/security/vuxml Message-ID: <202101141203.10EC31r0047235@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mfechner Date: Thu Jan 14 12:03:01 2021 New Revision: 561551 URL: https://svnweb.freebsd.org/changeset/ports/561551 Log: Document gitlab vulnerability. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Jan 14 10:47:51 2021 (r561550) +++ head/security/vuxml/vuln.xml Thu Jan 14 12:03:01 2021 (r561551) @@ -58,6 +58,33 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="0a8ebf4a-5660-11eb-b4e2-001b217b3468"> + <topic>Gitlab -- vulnerability</topic> + <affects> + <package> + <name>gitlab-ce</name> + <range><ge>13.7.0</ge><lt>13.7.4</lt></range> + <range><ge>13.6.0</ge><lt>13.6.5</lt></range> + <range><ge>12.2</ge><lt>13.5.7</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>SO-AND-SO reports:</p> + <blockquote cite="https://about.gitlab.com/releases/2021/01/14/critical-security-release-gitlab-13-7-4-released/">; + <p>Ability to steal a user's API access token through GitLab Pages</p> + </blockquote> + </body> + </description> + <references> + <url>https://about.gitlab.com/releases/2021/01/14/critical-security-release-gitlab-13-7-4-released/</url>; + </references> + <dates> + <discovery>2021-01-14</discovery> + <entry>2021-01-14</entry> + </dates> + </vuln> + <vuln vid="6d554d6e-5638-11eb-9d36-5404a68ad561"> <topic>wavpack -- integer overflow in pack_utils.c</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202101141203.10EC31r0047235>