Package: gitlab
Severity: serious

GitLab recently fixed several serious security issues:

https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/

CVE-2016-4340: Privilege escalation via "impersonate" feature
Privilege escalation via notes API
Privilege escalation via project webhook API
XSS vulnerability via branch and tag names
XSS vulnerability via custom issue tracker URL
XSS vulnerability via window.opener
XSS vulnerability via label drop-down
Information disclosure via milestone API
Information disclosure via snippet API
Information disclosure via project labels
Information disclosure via new merge request page

Please update the Debian gitlab package to the latest upstream.

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

