Wednesday, May 11, 2016

Security Release: Gitlab 8.7.4

The Gitlab project released a new update that contains security fixes, including one for an XSS vulnerability via faulty URI scheme sanitization, and we strongly recommend that all GitLab installations be upgraded to the new version immediately.

We released new versions of Bitnami Gitlab 8.7.4 installers, virtual machines and cloud images that fix the security issues.

Additional information regarding XSS vulnerability via faulty URI scheme sanitization:

The URI scheme of user-supplied links was not being properly sanitized. Please see the GitHub issue for more details. Additional information regarding the additional changes is available in the official security advisory.

Do you have questions about Bitnami Gitlab or the security issue? Please post to our community forum, and we will be happy to help you.