From 800985b4505587c426df24d76a3b698f50262096 Mon Sep 17 00:00:00 2001
From: Pirate Praveen <praveen@debian.org>
Date: Fri, 29 Nov 2019 12:09:22 +0530
Subject: [PATCH] Tighten dependency on gitlab-workhorse and gitaly

 (Fixes: CVE-2019-19260)
---
 debian/control | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/debian/control b/debian/control
index aceb72806b..767a4f36c9 100644
--- a/debian/control
+++ b/debian/control
@@ -35,7 +35,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  openssh-client,
  bzip2,
  ucf,
- gitlab-workhorse (>= 8.8.1~),
+ gitlab-workhorse (>= 8.8.1+debian-3~),
  ruby-rails (>= 2:5.2.3~),
  ruby-bootsnap,
  ruby-nakayoshi-fork (>= 0.0.4~),
@@ -302,7 +302,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
  ruby-ed25519 (>= 1.2~),
  ruby-bcrypt-pbkdf (>= 1.0~),
 # Gitaly GRPC client
- ruby-gitaly (>= 1.58~),
+ ruby-gitaly (>= 1.65.2+dfsg-1~),
  ruby-grpc (>= 1.19~),
  ruby-google-protobuf (>= 3.7~),
 #
@@ -381,7 +381,7 @@ Depends: ${shlibs:Depends}, ${misc:Depends},
 # gitlab-sidekiq was failing without puma
  puma
 Recommends: certbot,
- gitaly (>= 1.59.3~)
+ gitaly (>= 1.65.2+dfsg-1~)
 Conflicts: libruby2.3
 Description: git powered software platform to collaborate on code (non-omnibus)
  gitlab provides web based interface to host source code and track issues.