Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64b4379b by Moritz Muehlenhoff at 2025-01-29T20:18:00+01:00
more gitlab issues fixed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -50855,7 +50855,7 @@ CVE-2024-41459 (Tenda FH1201 v1.2.0.14 was discovered
to contain a stack-based b
CVE-2024-41136 (An authenticated command injection vulnerability exists in the
HPE Aru ...)
NOT-FOR-US: HPE Aruba Networking EdgeConnect SD-WAN gateways
CVE-2024-0231 (A resource misdirection vulnerability in GitLab CE/EE versions
12.0 pr ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-41091 (In the Linux kernel, the following vulnerability has been
resolved: t ...)
{DSA-5747-1 DLA-4008-1}
- linux 6.9.12-1
@@ -57411,9 +57411,9 @@ CVE-2024-22231 (Syndic cache directory creation is
vulnerable to a directory tra
CVE-2024-1839 (Intrado 911 Emergency Gateway login form is vulnerable to an
unauthent ...)
NOT-FOR-US: Intrado 911 Emergency Gateway
CVE-2024-1816 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-1493 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-1330 (The kadence-blocks-pro WordPress plugin before 2.3.8 does not
prevent ...)
NOT-FOR-US: WordPress plugin
CVE-2024-XXXX [RUSTSEC-2024-0345]
@@ -61527,11 +61527,11 @@ CVE-2024-20784 (Adobe Experience Manager versions
6.5.20 and earlier are affecte
CVE-2024-20769 (Adobe Experience Manager versions 6.5.20 and earlier are
affected by a ...)
NOT-FOR-US: Adobe
CVE-2024-1963 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-1736 (An issue has been discovered in GitLab CE/EE affecting all
versions pr ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-1495 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2023-52890 (NTFS-3G before 75dcdc2 has a use-after-free in
ntfs_uppercase_mbs in l ...)
- ntfs-3g 1:2022.10.3-3 (bug #1073248)
[bookworm] - ntfs-3g 1:2022.10.3-1+deb12u1
@@ -66922,7 +66922,7 @@ CVE-2024-36011 (In the Linux kernel, the following
vulnerability has been resolv
[buster] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/d2706004a1b8b526592e823d7e52551b518a7941 (6.9)
CVE-2024-1947 (A denial of service (DoS) condition was discovered in GitLab
CE/EE aff ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
NOTE:
https://about.gitlab.com/releases/2024/05/22/patch-release-gitlab-17-0-1-released/
CVE-2023-6502 (A Denial of Service (DoS) condition has been discovered in
GitLab CE/E ...)
- gitlab 17.3.5-2
@@ -79854,7 +79854,7 @@ CVE-2024-22373 (An out-of-bounds write vulnerability
exists in the JPEG2000Codec
CVE-2024-22144 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
NOT-FOR-US: WordPress plugin
CVE-2024-1347 (An issue has been discovered in GitLab CE/EE affecting all
versions be ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2023-52220 (Missing Authorization vulnerability in MonsterInsights Google
Analytic ...)
NOT-FOR-US: MonsterInsights Google Analytics
CVE-2023-51484 (Improper Authentication vulnerability in wp-buy Login as User
or Custo ...)
@@ -99028,7 +99028,7 @@ CVE-2024-0861 (An issue has been discovered in GitLab
EE affecting all versions
CVE-2023-4895 (An issue has been discovered in GitLab EE affecting all
versions start ...)
- gitlab <not-affected> (Specific to EE)
CVE-2024-1525 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2023-6477 (An issue has been discovered in GitLab EE affecting all
versions start ...)
- gitlab <not-affected> (Specific to EE)
CVE-2024-1451 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64b4379b60afbd83aa872f00f2fd91af1810a54a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64b4379b60afbd83aa872f00f2fd91af1810a54a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
