CVE-2018-19572 (retired)

Priority
Description
GitLab CE 8.17 and later and EE 8.3 and later have a symlink
time-of-check-to-time-of-use race condition that would allow unauthorized
access to files in the GitLab Pages chroot environment. This is fixed in
versions 11.5.1, 11.4.8, and 11.3.11.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
More Information

Updated: 2019-09-19 16:06:11 UTC (commit d32ebc32606b9517c6fa7d65a15441e2a57a6de5)