CVE-2022-3066
An issue was discovered in GitLab versions starting from 10.0 before 15.2.5, starting from 15.3 before 15.3.4, and starting from 15.4 before 15.4.1.
This issue has been fixed and the process of creating issues has been changed to prevent it from happening again. If you were affected by this issue, we recommend that you upgrade to the latest version. If you have not upgraded and are still on a version affected by this issue, you can follow the guide to upgrade. This issue was fixed in 15.5.
To upgrade to the latest version, follow these steps:
- Sign in or create an account in the GitLab app.
- Click Admin in the top right.
- Click Upgrade.
To install GitLab on CentOS, click Download. To install on Ubuntu, click Install. And that’s it - you have now installed GitLab! If you are installing on Red Hat Enterprise Linux, click here for details about how to install GitLab.
IMPORTANT: If you are installing on a new server, make sure that the server has at least one active user with at least one permission. If you are upgrading from an older version of GitLab, you might need to create a new user and add the user to the ‘git’ group.
This update is recommended for all GitLab installations.
What has changed in GitLab 15.5?
- A new issue has been fixed, which prevents it from happening again. If you were affected by this issue, we recommend that you upgrade to the latest version.
- GitLab now requires PostgreSQL 9.4 or higher (9.6 is recommended) if using the pg_trgm extension in order to prevent a potential crash caused by this bug on some systems. The process of creating issues has also been changed to prevent it from happening again.
Quick Start Guide
- Log in to the web interface of GitLab with your web browser, replacing
Timeline
Published on: 10/17/2022 16:15:00 UTC
Last modified on: 10/19/2022 14:59:00 UTC