forked from mirrors/nixpkgs
c25756f91c
Includes multiple security fixes mentioned in https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/ (unfortunately, no CVE numbers as of yet) - Directory Traversal to Arbitrary File Read - Account Takeover Through Expired Link - Server Side Request Forgery Through Deprecated Service - Group Two-Factor Authentication Requirement Bypass - Stored XSS in Merge Request Pages - Stored XSS in Merge Request Submission Form - Stored XSS in File View - Stored XSS in Grafana Integration - Contribution Analytics Exposed to Non-members - Incorrect Access Control in Docker Registry via Deploy Tokens - Denial of Service via Permission Checks - Denial of Service in Design For Public Issue - GitHub Tokens Displayed in Plaintext on Integrations Page - Incorrect Access Control via LFS Import - Unescaped HTML in Header - Private Merge Request Titles Leaked via Widget - Project Namespace Exposed via Vulnerability Feedback Endpoint - Denial of Service Through Recursive Requests - Project Authorization Not Being Updated - Incorrect Permission Level For Group Invites - Disclosure of Private Group Epic Information - User IP Address Exposed via Badge images - Update postgresql (GitLab Omnibus) |
||
---|---|---|
.. | ||
arch | ||
bazaar | ||
bcompare | ||
bitkeeper | ||
blackbox | ||
cvs | ||
cvs-fast-export | ||
cvs2svn | ||
cvsps | ||
cvsq | ||
dvc | ||
fossil | ||
gerrit | ||
git-and-tools | ||
git-backup | ||
git-crecord | ||
git-lfs | ||
git-repo | ||
git-review | ||
git-sizer | ||
git-up | ||
gitea | ||
gitinspector | ||
gitkraken | ||
gitlab | ||
gitless | ||
gitolite | ||
gitstats | ||
gogs | ||
gource | ||
guitone | ||
meld | ||
mercurial | ||
monotone | ||
monotone-viz | ||
mr | ||
nbstripout | ||
nitpick | ||
p4v | ||
peru | ||
pijul | ||
rabbitvcs | ||
rapidsvn | ||
rcs | ||
redmine | ||
reposurgeon | ||
sit | ||
smartgithg | ||
sourcehut | ||
src | ||
srcml | ||
sublime-merge | ||
subversion | ||
tailor | ||
tkcvs | ||
tortoisehg | ||
vcprompt | ||
vcsh | ||
yadm |