FreeBSD: VID-d1b35142-ff4a-11ec-8be3-001b217b3468 (CVE-2022-2185): Gitlab -- multiple vulnerabilities

Severity: 7
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: Jul 9, 2022
Added: Nov 4, 2022
Modified: Dec 10, 2025

Description

Gitlab reports:

- Remote Command Execution via Project Imports
- XSS in ZenTao integration affecting self-hosted instances without strict CSP
- XSS in project settings page
- Unallowed users can read unprotected CI variables
- IP allow-list bypass to access Container Registries
- 2FA status is disclosed to unauthenticated users
- CI variables provided to runners outside of a group's restricted IP range
- IDOR in sentry issues
- Reporters can manage issues in error tracking
- Regular Expression Denial of Service via malicious web server responses
- Unauthorized read for conan repository
- Open redirect vulnerability
- Group labels are editable through subproject
- Release titles visible for any users if group milestones are associated with any project releases
- Restrict membership by email domain bypass
- Job information is leaked to users who previously were maintainers via the Runner Jobs API endpoint

Solution

freebsd-upgrade-package-gitlab-ce