gitlab - Debian Package Tracker

general

source: gitlab (main)
version: 17.5.5-1
maintainer: Debian Ruby Team (archive) (DMD)
uploaders: Pirate Praveen [DMD] – Utkarsh Gupta [DMD] – Cédric Boutillier [DMD] – Balasankar C [DMD] – Sruthi Chandran [DMD]
arch: all any
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

unstable: 17.5.5-1

versioned links

17.5.5-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

gitlab (39 bugs: 2, 33, 4, 0)
gitlab-workhorse

action needed

Debci reports failed tests high

unstable: fail (log)
The tests ran in 0:01:29
Last run: 2025-03-29T06:26:03.000Z
Previous status: unknown

testing: fail (log)
The tests ran in 0:12:14
Last run: 2019-01-19T01:29:51.000Z
Previous status: unknown

stable: fail (log)
The tests ran in 0:00:22
Last run: 2019-07-25T19:45:07.000Z
Previous status: unknown

Created: 2018-12-15 Last update: 2025-04-03 02:31

A new upstream version is available: 17.10.3 high

A new upstream version 17.10.3 is available, you should consider packaging it.

Created: 2025-01-30 Last update: 2025-04-02 23:02

84 security issues in sid high

There are 84 open security issues in sid.

84 important issues:

CVE-2023-5117: An issue was discovered in GitLab CE/EE affecting all versions before 17.6.0 in which users were unaware that files uploaded to comments on confidential issues and epics of public projects could be accessed without authentication via a direct link to the uploaded file URL.
CVE-2024-3958: An issue has been discovered in GitLab CE/EE affecting all versions before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. An issue was found that allows someone to abuse a discrepancy between the Web application display and the git command line interface to social engineer victims into cloning non-trusted code.
CVE-2024-3959: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows private job artifacts can be accessed by any user.
CVE-2024-4006: An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions
CVE-2024-4011: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows non-project member to promote key results to objectives.
CVE-2024-4024: An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. Under certain conditions, an attacker with their Bitbucket account credentials may be able to take over a GitLab account linked to another user's Bitbucket account, if Bitbucket is used as an OAuth 2.0 provider on GitLab.
CVE-2024-4201: A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 5.1 before 16.10.7, all versions starting from 16.11 before 16.111.4, all versions starting from 17.0 before 17.0.2. When viewing an XML file in a repository in raw mode, it can be made to render as HTML if viewed under specific circumstances.
CVE-2024-4835: A XSS condition exists within GitLab in versions 15.11 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1. By leveraging this condition, an attacker can craft a malicious page to exfiltrate sensitive user information.
CVE-2024-4901: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes.
CVE-2024-5005: An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 11.4 before 17.2.9, all versions starting from 17.3 before 17.3.5, all versions starting from 17.4 before 17.4.2 It was possible for guest users to disclose project templates using the API.
CVE-2024-5258: An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic.
CVE-2024-5423: Multiple Denial of Service (DoS) conditions has been discovered in GitLab CE/EE affecting all versions starting from 1.0 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2 which allowed an attacker to cause resource exhaustion via banzai pipeline.
CVE-2024-5430: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.10 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows a project maintainer can delete the merge request approval policy via graphQL.
CVE-2024-5435: An issue has been discovered discovered in GitLab EE/CE affecting all versions starting from 15.10 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2 will disclose user password from repository mirror configuration.
CVE-2024-5469: DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests.
CVE-2024-5528: An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in GitLab Pages.
CVE-2024-5655: An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, which allows an attacker to trigger a pipeline as another user under certain circumstances.
CVE-2024-6324: An issue was discovered in GitLab CE/EE affecting all versions starting from 15.7 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. It was possible to trigger a DoS by creating cyclic references between epics.
CVE-2024-6329: An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.0.6, starting from 17.1 prior to 17.1.4, and starting from 17.2 prior to 17.2.2, which causes the web interface to fail to render the diff correctly when the path is encoded.
CVE-2024-6385: An issue was discovered in GitLab CE/EE affecting all versions starting from 15.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows an attacker to trigger a pipeline as another user under certain circumstances.
CVE-2024-6389: An issue was discovered in GitLab-CE/EE affecting all versions starting with 17.0 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. An attacker as a guest user was able to access commit information via the release Atom endpoint, contrary to permissions.
CVE-2024-6446: An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. A crafted URL could be used to trick a victim to trust an attacker controlled application.
CVE-2024-6502: An issue was discovered in GitLab CE/EE affecting all versions starting from 8.2 prior to 17.1.6 starting from 17.2 prior to 17.2.4, and starting from 17.3 prior to 17.3.1, which allows an attacker to create a branch with the same name as a deleted tag.
CVE-2024-6530: A cross-site scripting issue has been discovered in GitLab affecting all versions starting from 17.1 prior 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2. When adding a authorizing an application, it can be made to render as HTML under specific circumstances.
CVE-2024-6595: An issue was discovered in GitLab CE/EE affecting all versions starting from 11.8 prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2 where it was possible to upload an NPM package with conflicting package data.
CVE-2024-6678: An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to 17.2.5, and starting from 17.3 prior to 17.3.2, which allows an attacker to trigger a pipeline as an arbitrary user under certain circumstances.
CVE-2024-6685: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2, where group runners information was disclosed to unauthorised group members.
CVE-2024-6826: An issue has been discovered in GitLab CE/EE affecting all versions from 11.2 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. A denial of service could occur via importing a malicious crafted XML manifest file.
CVE-2024-7047: A cross site scripting vulnerability exists in GitLab CE/EE affecting all versions from 16.6 prior to 17.0.5, 17.1 prior to 17.1.3, 17.2 prior to 17.2.1 allowing an attacker to execute arbitrary scripts under the context of the current logged in user.
CVE-2024-7057: An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users lacking the proper authorization level.
CVE-2024-7060: An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all versions from 15.4 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows unauthorized users to view the resultant export.
CVE-2024-7091: An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where it was possible to disclose limited information of an exported group or project to another user.
CVE-2024-7102: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.0 which allows an attacker to trigger a pipeline as another user under certain circumstances.
CVE-2024-7554: An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all versions starting from 17.2 before 17.2.2. Under certain conditions, access tokens may have been logged when an API request was made in a specific manner.
CVE-2024-7610: A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions starting with 15.9 before 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2. It is possible for an attacker to cause catastrophic backtracking while parsing results from Elasticsearch.
CVE-2024-8041: A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 17.1.6, 17.2 prior to 17.2.4, and 17.3 prior to 17.3.1. A denial of service could occur upon importing a maliciously crafted repository using the GitHub importer.
CVE-2024-8114: An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. This issue allows an attacker with access to a victim's Personal Access Token (PAT) to escalate privileges.
CVE-2024-8116: An issue has been discovered in GitLab CE/EE affecting all versions from 16.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. By using a specific GraphQL query, under specific conditions an unauthorized user can retrieve branch names.
CVE-2024-8124: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.1.7, starting from 17.2 prior to 17.2.5, starting from 17.3 prior to 17.3.2 which could cause Denial of Service via sending a specific POST request.
CVE-2024-8177: An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5, starting from 17.5 prior to 17.5.3, starting from 17.6 prior to 17.6.1 which could cause Denial of Service via integrating a malicious harbor registry.
CVE-2024-8179: An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. Improper output encoding could lead to XSS if CSP is not enabled.
CVE-2024-8186: An issue has been discovered in GitLab CE/EE affecting all versions from 16.6 before 17.7.6, 17.8 before 17.8.4, and 17.9 before 17.9.1. An attacker could inject HMTL into the child item search potentially leading to XSS in certain situations.
CVE-2024-8233: An issue has been discovered in GitLab CE/EE affecting all versions from 9.4 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could cause a denial of service with requests for diff files on a commit or merge request.
CVE-2024-8237: A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions prior to 12.6 prior to 17.4.5, 17.5 prior to 17.5.3, and 17.6 prior to 17.6.1. An attacker could cause a denial of service with a crafted cargo.toml file.
CVE-2024-8266: An issue was discovered in GitLab CE/EE affecting all versions starting from 17.1 prior to 17.6.0, which allows an attacker with maintainer role to trigger a pipeline as project owner under certain circumstances.
CVE-2024-8312: An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 before 17.3.6, 17.4 before 17.4.3, and 17.5 before 17.5.1. An attacker could inject HTML into the Global Search field on a diff view leading to XSS.
CVE-2024-8641: An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim.
CVE-2024-8647: An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled.
CVE-2024-8648: An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious JavaScript code in Analytics Dashboards through a specially crafted URL.
CVE-2024-8650: An issue was discovered in GitLab CE/EE affecting all versions from 15.0 prior to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2 that allowed non-member users to view unresolved threads marked as internal notes in public projects merge requests.
CVE-2024-8754: An issue has been discovered in GitLab EE/CE affecting all versions from 16.9.7 prior to 17.1.7, 17.2 prior to 17.2.5, and 17.3 prior to 17.3.2. An improper input validation error allows attacker to squat on accounts via linking arbitrary unclaimed provider identities when JWT authentication is configured.
CVE-2024-8970: An issue was discovered in GitLab CE/EE affecting all versions starting from 11.6 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows an attacker to trigger a pipeline as another user under certain circumstances.
CVE-2024-8974: Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project."
CVE-2024-9367: An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2, that allows an attacker to cause uncontrolled CPU consumption, potentially leading to a Denial of Service (DoS) condition while parsing templates to generate changelogs.
CVE-2024-9387: An issue was discovered in GitLab CE/EE affecting all versions from 11.8 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2. An attacker could potentially perform an open redirect against a given releases API endpoint.
CVE-2024-9623: An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository.
CVE-2024-9633: An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.3 before 17.4.2, all versions starting from 17.5 before 17.5.4, all versions starting from 17.6 before 17.6.2. This issue allows an attacker to create a group with a name matching an existing unique Pages domain, potentially leading to domain confusion attacks.
CVE-2024-9693: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7, starting from 17.4 prior to 17.4.4, and starting from 17.5 prior to 17.5.2, which could have allowed unauthorized access to the Kubernetes agent in a cluster under specific configurations.
CVE-2025-0194: An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. Under certain conditions, access tokens may have been logged when API requests were made in a specific manner.
CVE-2025-0290: An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.0 prior to 17.5.5, from 17.6 prior to 17.6.3, and from 17.7 prior to 17.7.1. Under certain conditions, processing of CI artifacts metadata could cause background jobs to become unresponsive.
CVE-2025-0314: An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.6.4, 17.7 before 17.7.3, and 17.8 before 17.8.1. Improper rendering of certain file types lead to cross-site scripting.
CVE-2025-0376: An XSS vulnerability exists in GitLab CE/EE affecting all versions from 13.3 prior to 17.6.5, 17.7 prior to 17.7.4 and 17.8 prior to 17.8.2 that allows an attacker to execute unauthorized actions via a change page.
CVE-2025-0475: An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances.
CVE-2025-0516: Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8 prior to 17.8.2 allow users with limited permissions to perform unauthorized actions on critical project data.
CVE-2025-0652: An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2 could allow unauthorized users to access confidential information intended for internal use only.
CVE-2025-0811: An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Improper rendering of certain file types leads to cross-site scripting.
CVE-2025-1072: A Denial of Service (DoS) issue has been discovered in GitLab CE/EE affecting all versions starting from 7.14.1 prior to 17.3.7, 17.4 prior to 17.4.4, and 17.5 prior to 17.5.2. A denial of service could occur upon importing maliciously crafted content using the Fogbugz importer.
CVE-2025-1198: An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results.
CVE-2025-1212: An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to send a crafted request to a backend server to reveal sensitive information.
CVE-2025-1540: An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting all versions from 17.5 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2. It was possible for a user added as an External to read and clone internal projects under certain circumstances."
CVE-2025-2242: An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior to 17.8.6, 17.9 prior to 17.9.3, and 17.10 prior to 17.10.1 allows a user who was an instance admin before but has since been downgraded to a regular user to continue to maintain elevated privileges to groups and projects.
CVE-2025-2255: An issue has been discovered in Gitlab EE/CE for AppSec affecting all versions from 13.5.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. Certain error messages could allow Cross-Site Scripting attacks (XSS). for AppSec.
CVE-2024-10307: An issue has been discovered in GitLab EE/CE affecting all versions from 12.10 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A maliciously crafted file can cause uncontrolled CPU consumption when viewing the associated merge request.
CVE-2024-11274: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could lead to session data exfiltration.
CVE-2024-11828: A denial of service (DoS) condition was discovered in GitLab CE/EE affecting all versions from 13.2.4 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. By leveraging this vulnerability an attacker could create a DoS condition by sending crafted API calls. This was a regression of an earlier patch.
CVE-2024-11931: An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint.
CVE-2024-12292: An issue was discovered in GitLab CE/EE affecting all versions starting from 11.0 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, where sensitive information passed in GraphQL mutations may have been retained in GraphQL logs.
CVE-2024-12379: A denial of service vulnerability in GitLab CE/EE affecting all versions from 14.1 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 allows an attacker to impact the availability of GitLab via unbounded symbol creation via the scopes parameter in a Personal Access Token.
CVE-2024-12380: An issue was discovered in GitLab EE/CE affecting all versions starting from 11.5 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. Certain user inputs in repository mirroring settings could potentially expose sensitive authentication information.
CVE-2024-12431: An issue was discovered in GitLab CE/EE affecting all versions starting from 15.5 before 17.5.5, 17.6 before 17.6.3, and 17.7 before 17.7.1, in which unauthorized users could manipulate the status of issues in public projects.
CVE-2024-12570: An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's `CI_JOB_TOKEN` to obtain a GitLab session token belonging to the victim.
CVE-2024-12619: An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1, allowing internal users to gain unauthorized access to internal projects.
CVE-2024-13041: An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.5.5, starting from 17.6 prior to 17.6.3, and starting from 17.7 prior to 17.7.1. When a user is created via the SAML provider, the external groups setting overrides the external provider configuration. As a result, the user may not be marked as external thereby giving those users access to internal projects or groups.
CVE-2024-13054: An issue was discovered in GitLab CE/EE affecting all versions before 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2. where a denial of service vulnerability could allow an attacker to cause a system reboot under certain conditions.

Created: 2024-02-21 Last update: 2025-04-02 20:02

lintian reports 1 error and 58 warnings high

Lintian reports 1 error and 58 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2024-03-07 Last update: 2025-03-14 06:30

Build log checks report 1 error high

Build log checks report 1 error

Created: 2024-02-20 Last update: 2024-02-20 00:32

4 bugs tagged patch in the BTS normal

The BTS contains patches fixing 4 bugs, consider including or untagging them.

Created: 2025-01-06 Last update: 2025-04-03 03:30

debian/patches: 15 patches to forward upstream low

Among the 18 debian patches available in version 17.5.5-1 of the package, we noticed the following issues:

15 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-06-12 Last update: 2025-04-03 00:01

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.6.1).

Created: 2023-06-12 Last update: 2025-04-02 19:26

testing migrations

excuses:
- Migrates after: gitaly
- Migration status for gitlab (- to 17.5.5-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ gitlab/amd64 has unsatisfiable dependency
- ∙ ∙ gitlab/arm64 has unsatisfiable dependency
- ∙ ∙ Updating gitlab would introduce bugs in testing: #1009942, #983915
- ∙ ∙ autopkgtest for gitlab/17.5.5-1: amd64: Regression or new test ♻, arm64: Regression or new test ♻, armel: Regression or new test ♻, armhf: Regression or new test ♻, i386: Regression or new test ♻, ppc64el: Regression or new test ♻, riscv64: Test in progress, s390x: Regression or new test ♻
- ∙ ∙ Not built on buildd: upload info for arch all binaries not found, a new source-only upload is needed to allow migration
- ∙ ∙ Not built on buildd: upload info for arch amd64 binaries not found
- ∙ ∙ Not built on buildd: upload info for arch arm64 binaries not found
- ∙ ∙ Not built on buildd: upload info for arch armel binaries not found
- ∙ ∙ Not built on buildd: upload info for arch armhf binaries not found
- ∙ ∙ Not built on buildd: upload info for arch i386 binaries not found
- ∙ ∙ Not built on buildd: upload info for arch mips64el binaries not found
- ∙ ∙ Not built on buildd: upload info for arch ppc64el binaries not found
- ∙ ∙ Not built on buildd: upload info for arch riscv64 binaries not found
- ∙ ∙ Not built on buildd: upload info for arch s390x binaries not found
- ∙ ∙ Too young, only 1 of 5 days old
- ∙ ∙ Build-Depends(-Arch): gitlab gitaly (not considered)
- ∙ ∙ Built-Using: gitlab gitaly (not considered)
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/g/gitlab.html
- ∙ ∙ Waiting for reproducibility test results on amd64 - info ♻
- ∙ ∙ Reproducible on arm64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
- ∙ ∙ Waiting for reproducibility test results on i386 - info ♻
- Not considered

news

[rss feed]

[2025-04-02] Accepted gitlab 17.5.5-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2025-04-02] Accepted gitlab 17.5.5-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2025-03-13] Accepted gitlab 17.3.5-3 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2025-01-29] Accepted gitlab 17.3.5-2 (source) into unstable (Ananthu C V)
[2024-12-01] Accepted gitlab 17.3.5-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-10-30] Accepted gitlab 17.0.8-4 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-10-28] Accepted gitlab 17.0.8-3 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-10-12] Accepted gitlab 17.0.8-2 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-10-11] Accepted gitlab 17.0.8-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-07-17] Accepted gitlab 16.11.6-3 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-07-16] Accepted gitlab 16.11.6-2 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-07-13] Accepted gitlab 16.11.6-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-07-10] Accepted gitlab 16.11.5-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-03-09] Accepted gitlab 16.8.4-1 (source amd64 all) into unstable (Vivek K J)
[2024-03-06] Accepted gitlab 16.8.3-1 (source) into unstable (Vivek K J) (signed by: Praveen Arimbrathodiyil)
[2024-02-21] Accepted gitlab 16.8.2-8 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-21] Accepted gitlab 16.8.2-7 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-19] Accepted gitlab 16.8.2-5 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-19] Accepted gitlab 16.8.2-4 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-18] Accepted gitlab 16.8.2-3 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-16] Accepted gitlab 16.8.2-2 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-16] Accepted gitlab 16.8.2-1 (source) into experimental (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-10] Accepted gitlab 16.6.7-1 (source) into unstable (Jakob Haufe)
[2024-02-07] Accepted gitlab 16.6.6-3 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-02-03] Accepted gitlab 16.6.6-2 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-01-31] Accepted gitlab 16.6.6-1 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-01-21] Accepted gitlab 16.6.5-10 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-01-21] Accepted gitlab 16.6.5-9 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-01-21] Accepted gitlab 16.6.5-8 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)
[2024-01-21] Accepted gitlab 16.6.5-7 (source) into unstable (Pirate Praveen) (signed by: Praveen Arimbrathodiyil)

bugs [bug history graph]

all: 39 40
RC: 2
I&N: 33 34
M&W: 4
F&P: 0
patch: 4

links

homepage
lintian (1, 58)
buildd: logs, checks, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches
debci