GitLab Critical Security Release: 10.5.6, 10.4.6, and 10.3.9

Gitlab is an opensource software that can be installed into CVE-2018-8801.

Thanks to @jobert from HackerOne for reporting this.

Versions Affected

  • Affects GitLab CE/EE 8.3 and up

Remediation

We strongly recommend that all installations running an affected version above to be upgraded to the latest version as soon as possible.

Gitlab Auth0 integration issue

There was an issue with the GitLab omniauth-auth0 configuration which resulted in the Auth0 integration signing in the wrong users.

Thanks to Trond Hindenes for reporting this issue.

Versions Affected

  • Affects GitLab CE 8.6 and up

Remediation

We strongly recommend that all installations running an affected version above to be upgraded to the latest version as soon as possible.

Updating

To update, check out our update page.

Gitlab is an opensource software that can be installed into
>
WhatsApp WhatsApp us