Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f8958b72 by Moritz Muehlenhoff at 2025-01-31T10:00:24+01:00
more gitlab issues fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47615,7 +47615,7 @@ CVE-2024-37382 (An issue discovered in import host
feature in Ab Initio Metadata
CVE-2024-37023 (Multiple OS command injection vulnerabilities affecting Vonets
indu ...)
NOT-FOR-US: Vonets industrial wifi bridge relays and wifi bridge
repeaters
CVE-2024-2800 (ReDoS flaw in RefMatcher when matching branch names using
wildcards in ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
NOTE: https://gitlab.com/gitlab-org/gitlab/-/issues/451293
NOTE: https://hackerone.com/reports/2416332
CVE-2024-29082 (Improper access control vulnerability affecting Vonets
industrial wi ...)
@@ -55633,7 +55633,7 @@ CVE-2024-30061 (Microsoft Dynamics 365 (On-Premises)
Information Disclosure Vuln
CVE-2024-30013 (Windows MultiPoint Services Remote Code Execution
Vulnerability)
NOT-FOR-US: Microsoft
CVE-2024-2177 (A Cross Window Forgery vulnerability exists within GitLab CE/EE
affect ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-29153 (A vulnerability was discovered in Samsung Mobile Processor,
Wearable P ...)
NOT-FOR-US: Siemens
CVE-2024-28928 (SQL Server Native Client OLE DB Provider Remote Code Execution
Vulnera ...)
@@ -57912,7 +57912,7 @@ CVE-2024-37247 (Improper Neutralization of Input During
Web Page Generation (XSS
CVE-2024-36829 (Incorrect access control in Teldat M1 v11.00.05.50.01 allows
attackers ...)
NOT-FOR-US: Teldat M1
CVE-2024-2191 (An issue was discovered in GitLab CE/EE affecting all versions
startin ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-28984 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 10 ...)
NOT-FOR-US: Hitachi
CVE-2024-28983 (Hitachi Vantara Pentaho Business Analytics Server prior to
versions 10 ...)
@@ -74805,9 +74805,9 @@ CVE-2024-32672 (A Segmentation Fault issue discovered
in Samsung Open Source E
CVE-2024-32669 (Improper Input Validation vulnerability in Samsung Open Source
escargo ...)
NOT-FOR-US: Samsung
CVE-2024-2651 (An issue has been discovered in GitLab CE/EE affecting all
versions be ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-2454 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2024-28759 (A crafted network packet may cause a buffer overrun in Wind
River VxWo ...)
NOT-FOR-US: Wind River
CVE-2024-27793 (The issue was addressed with improved checks. This issue is
fixed in i ...)
@@ -84339,7 +84339,7 @@ CVE-2023-32228 (A firmware bug which may lead to
misinterpretation of data in th
CVE-2024-3092 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- gitlab <unfixed>
CVE-2024-2279 (An issue has been discovered in GitLab CE/EE affecting all
versions st ...)
- - gitlab <unfixed>
+ - gitlab 17.3.5-2
CVE-2023-6489 (A denial of service vulnerability was identified in GitLab
CE/EE, vers ...)
- gitlab 17.3.5-2
CVE-2023-6678 (An issue has been discovered in GitLab EE affecting all
versions befor ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8958b723315f342fe524e9eb5b2a23b01f2f776
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8958b723315f342fe524e9eb5b2a23b01f2f776
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
