{"id":7974,"date":"2019-04-30T11:12:22","date_gmt":"2019-04-30T03:12:22","guid":{"rendered":"https:\/\/aqzt.com\/7974.html"},"modified":"2019-04-30T11:12:22","modified_gmt":"2019-04-30T03:12:22","slug":"gitlab-%e5%8f%91%e5%b8%83%e5%ae%89%e5%85%a8%e4%bf%ae%e5%a4%8d%e7%89%88%e6%9c%ac-11-10-2%e3%80%8111-9-10-%e5%92%8c-11-8-9","status":"publish","type":"post","link":"https:\/\/aqzt.com\/7974.html","title":{"rendered":"GitLab \u53d1\u5e03\u5b89\u5168\u4fee\u590d\u7248\u672c 11.10.2\u300111.9.10 \u548c 11.8.9"},"content":{"rendered":"<p><a href=\"https:\/\/www.oschina.net\/\" target=\"_blank\" rel=\"noopener noreferrer\">\u6587\u7ae0\u8f6c\u8f7d\u5f00\u6e90\u4e2d\u56fd<\/a><\/p>\n<p>GitLab \u4e3a\u793e\u533a\u7248\u548c\u4f01\u4e1a\u7248<a href=\"https:\/\/about.gitlab.com\/2019\/04\/29\/security-release-gitlab-11-dot-10-dot-2-released\/\" target=\"_blank\" rel=\"noopener noreferrer\">\u53d1\u5e03<\/a>\u4e86\u6700\u65b0\u7684&nbsp;11.10.2\u300111.9.10 \u548c 11.8.9 \u7248\u672c\u3002\u8fd9\u4e9b\u7248\u672c\u5305\u542b\u91cd\u8981\u7684\u5b89\u5168\u4fee\u590d\u7a0b\u5e8f\uff0c\u5b98\u65b9\u8868\u793a\u5f3a\u70c8\u5efa\u8bae\u7528\u6237\u7acb\u5373\u5c06\u6240\u6709 GitLab \u5b89\u88c5\u5347\u7ea7\u5230\u5176\u4e2d\u4e00\u4e2a\u7248\u672c\u3002<\/p>\n<p>\u6f0f\u6d1e\u95ee\u9898\u53ca\u53d7\u5f71\u54cd\u7684\u7248\u672c\u5982\u4e0b\uff1a<\/p>\n<ul>\n<li>\u5f53 issue \u88ab\u79fb\u52a8\u5230\u79c1\u6709\u9879\u76ee\u65f6\uff0c\u79c1\u6709\u9879\u76ee\u547d\u540d\u7a7a\u95f4\u4f1a\u88ab\u6cc4\u9732\u7ed9\u53ef\u4ee5\u8bbf\u95ee\u539f\u59cb\u95ee\u9898\u7684\u672a\u6388\u6743\u7528\u6237\n<ul>\n<li><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-11545\">CVE-2019-11545<\/a><\/li>\n<li>\u53d7\u5f71\u54cd\u7248\u672c\uff1aGitLab \u793e\u533a\/\u4f01\u4e1a&nbsp;11.9 \u53ca\u66f4\u9ad8\u7248\u672c<\/li>\n<\/ul>\n<\/li>\n<li>\u975e\u4f1a\u5458\u7528\u6237\u8ba2\u9605\u53d7\u9650\u5236\u7684\u7684\u5185\u90e8\u9879\u76ee\u901a\u77e5\u540e\uff0c\u4e5f\u4f1a\u6536\u5230\u6709\u5173\u53d7\u9650\u5185\u5bb9\u7684\u7535\u5b50\u90ae\u4ef6\n<ul>\n<li>&nbsp;<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-11544\">CVE-2019-11544<\/a><\/li>\n<li>\u53d7\u5f71\u54cd\u7248\u672c\uff1aGitLab \u793e\u533a\/\u4f01\u4e1a&nbsp;8.10 \u53ca\u66f4\u9ad8\u7248\u672c<\/li>\n<\/ul>\n<\/li>\n<li>\u9879\u76ee\u7684\u975e\u7279\u6743\u6210\u5458\u80fd\u591f\u901a\u8fc7\u6ce8\u91ca\u7aef\u70b9\u4e2d\u7684\u6388\u6743\u95ee\u9898\u53d1\u5e03\u6709\u5173\u673a\u5bc6\u95ee\u9898\u7684\u8bc4\u8bba\n<ul>\n<li>&nbsp;<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-11548\">CVE-2019-11548<\/a><\/li>\n<li>\u53d7\u5f71\u54cd\u7248\u672c\uff1aGitLab \u793e\u533a\/\u4f01\u4e1a&nbsp;5.4.0 \u5230&nbsp;11.8.8 \u7248\u672c<\/li>\n<\/ul>\n<\/li>\n<li>\u7ade\u4e89\u6761\u4ef6\u6f0f\u6d1e\uff1a\u8be5\u6f0f\u6d1e\u53ef\u80fd\u5141\u8bb8\u7528\u6237\u591a\u6b21\u6279\u51c6\u5408\u5e76\u8bf7\u6c42\uff0c\u5e76\u53ef\u80fd\u8fbe\u5230\u5408\u5e76\u6240\u9700\u7684\u6279\u51c6\u8ba1\u6570\n<ul>\n<li>&nbsp;<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-11546\">CVE-2019-11546<\/a><\/li>\n<li>\u53d7\u5f71\u54cd\u7248\u672c\uff1aGitLab \u793e\u533a\/\u4f01\u4e1a&nbsp;8.6 \u53ca\u66f4\u9ad8\u7248\u672c<\/li>\n<\/ul>\n<\/li>\n<li>\u65b0\u5408\u5e76\u8bf7\u6c42\u901a\u77e5\u7535\u5b50\u90ae\u4ef6\u4e2d\u7684\u5206\u652f\u540d\u79f0\u672a\u88ab\u8f6c\u4e49\uff0c\u8fd9\u53ef\u80fd\u4f1a\u5bfc\u81f4 XSS \u95ee\u9898\n<ul>\n<li>&nbsp;<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-11547\">CVE-2019-11547<\/a><\/li>\n<li>\u53d7\u5f71\u54cd\u7248\u672c\uff1aGitLab \u793e\u533a\/\u4f01\u4e1a&nbsp;6.0.0 \u53ca\u66f4\u9ad8\u7248\u672c<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ul>\n<li>HTTP \/ GIT \u51ed\u636e\u5305\u542b\u5728\u8fde\u63a5\u9519\u8bef\u7684\u65e5\u5fd7\u4e2d\uff0c\u5bfc\u81f4\u4fe1\u606f\u62ab\u9732\n<ul>\n<li>&nbsp;<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2019-11549\">CVE-2019-11549<\/a><\/li>\n<li>\u53d7\u5f71\u54cd\u7248\u672c\uff1aGitLab \u793e\u533a\/\u4f01\u4e1a&nbsp;9.0 \u53ca\u66f4\u9ad8\u7248\u672c<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>\u5efa\u8bae\u6240\u6709\u7528\u6237\u5c3d\u5feb\u5347\u7ea7\u5230 11.10.2\u300111.9.10 \u548c&nbsp;11.8.9 \u7684\u5176\u4e2d\u4e00\u4e2a\u7248\u672c\uff0c\u4ee5\u4fee\u590d\u4e0a\u8ff0\u5b89\u5168\u6f0f\u6d1e\u3002<\/p>\n<p><a href=\"https:\/\/about.gitlab.com\/2019\/04\/29\/security-release-gitlab-11-dot-10-dot-2-released\/\" target=\"_blank\" rel=\"noopener noreferrer\">\u4e0b\u8f7d\u5730\u5740\u548c\u53d1\u5e03\u516c\u544a\u8bf7\u70b9\u6b64\u67e5\u770b<\/a>\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u6587\u7ae0\u8f6c\u8f7d\u5f00\u6e90\u4e2d\u56fd GitLab \u4e3a\u793e\u533a\u7248\u548c\u4f01\u4e1a\u7248\u53d1\u5e03\u4e86\u6700\u65b0\u7684&nbsp;11.10.2\u300111.9.10 \u548c 11.8.9 \u7248\u672c\u3002\u8fd9\u4e9b\u7248\u672c\u5305\u542b\u91cd\u8981\u7684\u5b89\u5168\u4fee\u590d\u7a0b\u5e8f\uff0c\u5b98\u65b9\u8868\u793a\u5f3a\u70c8\u5efa\u8bae\u7528\u6237\u7acb\u5373\u5c06\u6240\u6709 GitLab \u5b89\u88c5\u5347\u7ea7\u5230\u5176\u4e2d\u4e00\u4e2a\u7248\u672c\u3002 \u6f0f\u6d1e\u95ee\u9898\u53ca\u53d7\u5f71\u54cd\u7684\u7248\u672c\u5982\u4e0b\uff1a \u5f53 issue \u88ab\u79fb\u52a8\u5230\u79c1\u6709\u9879\u76ee\u65f6\uff0c\u79c1\u6709\u9879\u76ee\u547d\u540d\u7a7a\u95f4\u4f1a\u88ab\u6cc4\u9732\u7ed9\u53ef\u4ee5\u8bbf\u95ee\u539f\u59cb\u95ee\u9898\u7684\u672a\u6388\u6743\u7528\u6237 CVE-2019-11545 \u53d7\u5f71\u54cd\u7248\u672c\uff1aGitLab \u793e\u533a\/\u4f01\u4e1a&nbsp;11.9 \u53ca\u66f4\u9ad8\u7248\u672c \u975e\u4f1a\u5458\u7528\u6237\u8ba2\u9605\u53d7\u9650\u5236\u7684\u7684\u5185\u90e8\u9879\u76ee\u901a\u77e5\u540e\uff0c\u4e5f\u4f1a\u6536\u5230\u6709\u5173\u53d7\u9650\u5185\u5bb9\u7684\u7535\u5b50<\/p>\n","protected":false},"author":1,"featured_media":6522,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[2],"tags":[292,9,85,26,11],"collection":[],"_links":{"self":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/posts\/7974"}],"collection":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/comments?post=7974"}],"version-history":[{"count":0,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/posts\/7974\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/media\/6522"}],"wp:attachment":[{"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/media?parent=7974"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/categories?post=7974"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/tags?post=7974"},{"taxonomy":"collection","embeddable":true,"href":"https:\/\/aqzt.com\/wp-json\/wp\/v2\/collection?post=7974"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}