GitLab Security Release: 13.2.3, 13.1.6 and 13.0.12

Published: August 6, 2020 by Shane Rainville | Reading time: 1 minute.
GitLab announces a security release for versions 13.2.3, 13.1.6, and 13.0.12.

GitLab has released versions 13.2.3, 13.1.6, and 13.0.12 for GitLab Community Edition (CE) and Enterprise Edition (EE).

The releases contain important security fixes:

  • Arbitrary File Read when Moving an Issue
  • Memory exhaustion via Excessive Logging of Invite Email Error
  • Denial of Service Through Project Import Feature
  • User-Controlled Git Configuration Settings Resulting in SSRF
  • Stored XSS in Issue Reference Number Tooltip
  • Stored XSS in Issues List via Milestone Title
  • Improper Access Control After Group Transfer
  • Bypass Email Verification Required for OAuth Flow
  • Confusion When Using Hexadecimal Branch Names
  • Insufficient OAuth Revocation
  • Improper Access Control for Project Sharing
  • Stored XSS in Jobs Page

More Info

Last updated on September 3, 2020 by Shane Rainville: Add description bf18da1a0fa50e0a2a294f01dcae4b5d02e2c454
Blogger, Developer, pipeline builder, cloud engineer, and DevSecOps specialist. I have been working in the cloud for over a decade and running containerized workloads since 2012, with gigs at small startups to large financial enterprises.
