FreeBSD: VID-6eddfa51-fb44-11e9-86e9-001b217b3468 (CVE-2019-18463): Gitlab -- Disclosure Vulnerabilities

Gitlab reports: Source branch of a MR could be removed by an unauthorised user Private group members could be listed Disclosure of System Notes via Elasticsearch integration Disclosure of Private Comments via Elasticsearch integration Confirm existence of private repositories Private group membership could be disclosed Disclosure of Project Labels Disclosure of Private Project Path and Labels Uncontrolled Resource Consumption due to Nested GraphQL Queries Improper access control on comments Sentry Token Access Control Authorisation check for Project Transfer option XSS in Wiki Pages Using RDoc Untrusted Input could be used for Internal Redirect Access control for protected environments Private Sub Group path Disclosure Disclosure of Group Packages List Private Repository Name Disclosure