Yesterday the developers of Ruby on Rails released a security advisory for SQL injection vulnerability CVE-2014-3483. GitLab is not affected by this vulnerability.
Background
CVE-2014-3483 affects applications which use PostgreSQL bitstring or range types in their database schema. GitLab uses neither of these types in its database schema.
Please contact us at support.gitlab.comif you have any questions about this issue.