
Gitlab Critical Security Release: 13.0.4, 12.10.9, 12.9.9 - slrz
https://about.gitlab.com/releases/2020/06/03/critical-security-release-13-0-4-released/
======
slrz
Any guesses on how to interpret the description?

> An authorization issue discovered in the CI jobs token handling allowed read
> access to public projects with restricted repositories. This issue is now
> mitigated in the latest release and is waiting for a CVE ID to be assigned.

A GitLab project can have multiple repositories? I don't think so. Is this
just s/project/group/?

