The versions indicated by GitLab's Release and the version actually described in ADP Container are different.
ADP content is only 16.7.0 and 16.10,16.11. Fix this so that the correct version is eligible.
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.7 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1 where personal access scopes were not honored by GraphQL subscriptions. This is a medium severity issue (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, 4.3). It is now mitigated in the latest release and is assigned CVE-2024-4006.
🗣 Description
The versions indicated by GitLab's Release and the version actually described in ADP Container are different. ADP content is only
16.7.0
and16.10
,16.11
. Fix this so that the correct version is eligible.https://about.gitlab.com/releases/2024/04/24/patch-release-gitlab-16-11-1-released/