3
0
Fork 0
forked from mirrors/nixpkgs
nixpkgs/pkgs/applications
Florian Klink 5bf07d665f gitlab: 12.5.3 -> 12.5.4
https://about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/

Insufficient parameter sanitization for Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. The issue is now mitigated in the latest release and is assigned CVE-2019-19628.

When transferring a public project to a private group, private code would be disclosed via the Group Search API provided by Elasticsearch integration. The issue is now mitigated in the latest release and is assigned CVE-2019-19629.

The Git dependency has been upgraded to 2.22.2 in order to apply security fixes detailed here.

CVE-2019-19604 was identified by the GitLab Security Research team. For more information on that issue, please visit the GitLab Security Research Advisory

closes #75506.
2019-12-11 15:16:36 +01:00
..
accessibility contrast: init at 0.0.2 2019-10-31 09:46:15 -04:00
audio Merge pull request #75315 from r-ryantm/auto-update/pulseeffects 2019-12-10 03:38:23 +01:00
backup deja-dup: 38.3 → 40.4 2019-11-20 04:58:00 +01:00
blockchains monero: 0.15.0.0 -> 0.15.0.1 2019-12-09 18:56:27 +01:00
display-managers lightdm_gtk_greeter: 2.0.6 -> 2.0.7 2019-12-01 18:49:12 +01:00
editors Merge pull request #75157 from bergey/nano-fix-build-MacOS 2019-12-10 15:32:27 -05:00
gis grass: fix mysql_config query 2019-12-08 11:08:31 +01:00
graphics mirage: remove 2019-12-10 22:33:11 -05:00
kde ark: add package description 2019-12-07 21:53:40 +00:00
misc pmenu: remove 2019-12-10 22:42:06 -05:00
networking zeek: 3.0.0 -> 3.0.1 2019-12-11 00:17:03 -08:00
office tryton: 4.8.5 -> 5.4.0 2019-12-10 22:38:21 -05:00
qubes/qubes-core-vchan-xen qubes-core-vchan-xen: init at 4.1.2 2019-10-02 15:26:53 +00:00
radio welle-io: 2.0 -> 2.1 2019-12-06 19:31:56 +01:00
science Merge pull request #75416 from jbedo/bedtools 2019-12-10 23:58:03 +01:00
search dconf: move to top-level 2019-12-01 01:01:40 +01:00
version-management gitlab: 12.5.3 -> 12.5.4 2019-12-11 15:16:36 +01:00
video recordmydesktop: remove 2019-12-10 22:39:37 -05:00
virtualization conmon: v2.0.3 -> v2.0.4 2019-12-09 18:36:35 +01:00
window-managers Merge pull request #73855 from OlivierMarty/i3blocks 2019-12-02 13:35:32 -05:00