mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-11-06 10:16:44 +01:00
c25756f91c
Includes multiple security fixes mentioned in https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/ (unfortunately, no CVE numbers as of yet) - Directory Traversal to Arbitrary File Read - Account Takeover Through Expired Link - Server Side Request Forgery Through Deprecated Service - Group Two-Factor Authentication Requirement Bypass - Stored XSS in Merge Request Pages - Stored XSS in Merge Request Submission Form - Stored XSS in File View - Stored XSS in Grafana Integration - Contribution Analytics Exposed to Non-members - Incorrect Access Control in Docker Registry via Deploy Tokens - Denial of Service via Permission Checks - Denial of Service in Design For Public Issue - GitHub Tokens Displayed in Plaintext on Integrations Page - Incorrect Access Control via LFS Import - Unescaped HTML in Header - Private Merge Request Titles Leaked via Widget - Project Namespace Exposed via Vulnerability Feedback Endpoint - Denial of Service Through Recursive Requests - Project Authorization Not Being Updated - Incorrect Permission Level For Group Invites - Disclosure of Private Group Epic Information - User IP Address Exposed via Badge images - Update postgresql (GitLab Omnibus) |
||
---|---|---|
.. | ||
accessibility | ||
audio | ||
backup | ||
blockchains | ||
display-managers | ||
editors | ||
gis | ||
graphics | ||
kde | ||
misc | ||
networking | ||
office | ||
qubes/qubes-core-vchan-xen | ||
radio | ||
science | ||
search | ||
system | ||
version-management | ||
video | ||
virtualization | ||
window-managers |