On വെള്ളി 26 ജനുവരി 2018 07:32 വൈകു, Salvatore Bonaccorso wrote: > See > https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/ > for which several go back to 8.9.0 versions. > > There are three CVEs out of > https://security-tracker.debian.org/tracker/source-package/gitlab > belonging to that list wich are yet marked undetermined, because not > clear from the advisory if 8.13.11=dfsg1-12 might be affected. > But assuming the 'version affected' information is correct, they are > not, please confirm so we can adjust the security-tracker information.
We are working on backporting the patches (8.13.12 don't have most of these patches). We will confirm once we go through all of it.
signature.asc
Description: OpenPGP digital signature
