Commits · v13.8.5-ee · ci-test-user-mk / GitLab

Mar 04, 2021
- Update VERSION files · cf644d8c
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.8.5-ee v13.8.5-ee
  
  cf644d8c
- Update CHANGELOG.md for 13.8.5-ee · bb14b8d7
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  bb14b8d7
- Update CHANGELOG-EE.md for 13.8.5-ee · 14b169ec
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  14b169ec
- Update Gitaly version to 13.8.5 · 9af09525
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  9af09525
Mar 03, 2021
- Merge branch 'security-jv-workhorse-router-13-8' into '13-8-stable-ee' · 6b9f45dc
  Robert Speicher authored 4 years ago
  
  Workhorse: prevent escaped router path traversal See merge request gitlab-org/security/gitlab!1266
  6b9f45dc
- Merge branch 'security-13-8-fj-fix-xss-wiki-email' into '13-8-stable-ee' · 76fd9391
  Robert Speicher authored 4 years ago
  
  Possible XSS in wiki author name See merge request gitlab-org/security/gitlab!1251
  76fd9391
- Merge branch 'security-clean-up-active-sessions-13-8' into '13-8-stable-ee' · 066a2ba6
  GitLab Release Tools Bot authored 4 years ago
  
  Clean up active session file See merge request gitlab-org/security/gitlab!1270
  066a2ba6
- Merge branch 'security-upgrade-swagger-ui-13-8' into '13-8-stable-ee' · c3269208
  GitLab Release Tools Bot authored 4 years ago
  
  Bump swagger-ui-dist version See merge request gitlab-org/security/gitlab!1277
  c3269208
- Merge branch 'security-bvl-update-thrift-gem-13-8' into '13-8-stable-ee' · 70010b11
  GitLab Release Tools Bot authored 4 years ago
  
  Bump thrift to 0.14.0 See merge request gitlab-org/security/gitlab!1273
  70010b11
- Merge branch 'security-ci-api-variables-permissions-13-8' into '13-8-stable-ee' · 60d1fbbc
  GitLab Release Tools Bot authored 4 years ago
  
  Allow only group owners to manage group variables See merge request gitlab-org/security/gitlab!1257
  60d1fbbc
- Update vendored workhorse to v8.59.2 · d4e4f8a5
  Patrick Bajao authored 4 years ago
  
  d4e4f8a5
- Update GITLAB_WORKHORSE_VERSION · 05020457
  Patrick Bajao authored 4 years ago
  
  05020457
- Update VERSION to 8.59.2 · 5036c90e
  Alessio Caiazza authored 4 years ago
  
  5036c90e
- Update CHANGELOG for 8.59.2 · d7244bdc
  Alessio Caiazza authored 4 years ago
  
  [ci skip]
  d7244bdc
- Merge branch 'security-remove-validate-path-logging-8-59' into '8-59-stable' · 2f81bd4e
  Alessio Caiazza authored 4 years ago
  
  Stop logging when path is excluded See merge request gitlab-org/security/gitlab-workhorse!32
  2f81bd4e
- Stop logging when path is excluded · 49e57eb8
  Patrick Bajao authored 4 years ago
  
  This causes logging a lot and reporting to sentry which can cause performance issues.
  49e57eb8
Mar 02, 2021
- Bump swagger-ui-dist version · 6549936e
  Jacques Erasmus authored 4 years ago and Paul Slaughter committed 4 years ago
  
  Bumped the swagger-ui-dist version to the latest
  6549936e
- Merge branch 'ps-fix-13-8-date-dependent-spec' into '13-8-stable-ee' · 19b4123e
  Robert Speicher authored 4 years ago
  
  Fix date dependent spec with useFakeDate See merge request gitlab-org/gitlab!55515
  19b4123e
- Fix date dependent spec with useFakeDate · dfff5bad
  Paul Slaughter authored 4 years ago
  
  - Blocking other 13.8 backports
  Unverified
  
  dfff5bad
Feb 25, 2021

Bob Van Landuyt authored 4 years ago

This is a minor bump of the thrift gem. This is a dependency of labkit
through jaeger-client

c923dc30

Clean up active session file · be68c117

mksionek authored 4 years ago

From to-do items

Remove binding.pry

Fix warden to-do

Add warden guard clause

Add changelog entry

Change naming in changelog

be68c117

Feb 24, 2021
- Update vendored workhorse to v8.59.1 · e82f4d44
  Jacob Vosmaer (GitLab) authored 4 years ago
  
  e82f4d44
- Use Workhorse 8.59.1 · 0571be41
  Jacob Vosmaer (GitLab) authored 4 years ago
  
  0571be41
- Update VERSION to 8.59.1 · d47d79db
  Patrick Bajao authored 4 years ago
  
  d47d79db
- Update CHANGELOG for 8.59.1 · 2dd730f2
  Patrick Bajao authored 4 years ago
  
  [ci skip]
  2dd730f2
- Merge branch 'jv-router-escape-path-8-59' into '8-59-stable' · 639dbae0
  Patrick Bajao authored 4 years ago
  
  Use URL.EscapePath() in upstream router (8-59-stable) See merge request gitlab-org/security/gitlab-workhorse!27
  639dbae0
Feb 23, 2021
- Use URL.EscapePath() in upstream router · eb1fd755
  Jacob Vosmaer (GitLab) authored 4 years ago
  
  eb1fd755
Feb 19, 2021

Allow only group owners to manage group variables · b70f969b

Marius Bobin authored 4 years ago

Before this change we were allowing maintainers to manage
group variables even though our permissions page list only owners.

Unverified

b70f969b

Feb 15, 2021
- Fix XSS in wiki author email and name · b116b575
  Francisco Javier López authored 4 years ago
  
  In this commit we fix a XSS when rendering the wiki commit info in the header.
  Unverified
  
  b116b575
Feb 11, 2021
- Merge remote-tracking branch 'dev/13-8-stable-ee' into 13-8-stable-ee · 276cb4c0
  GitLab Release Tools Bot authored 4 years ago
  
  276cb4c0
- Update VERSION files · f65d7b6f
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.8.4-ee v13.8.4-ee
  
  f65d7b6f
- Update CHANGELOG.md for 13.8.4-ee · e0dd779e
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  e0dd779e
- Update CHANGELOG-EE.md for 13.8.4-ee · a50d2bfa
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  a50d2bfa
- Update Gitaly version to 13.8.4 · e6f7b4e3
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  e6f7b4e3
Feb 10, 2021
- Merge branch 'security-limit-fscanl-13-8' into '13-8-stable-ee' · 02f1649e
  Mayra Cabrera authored 4 years ago
  
  Prevent Denial of Service Attack on gitlab-shell See merge request gitlab-org/security/gitlab!1198
  02f1649e
- Merge branch... · 3d46e179
  Mayra Cabrera authored 4 years ago
  
  Merge branch 'security-respect-analytics-enabled-rule-for-project-level-analytics-features-13-8' into '13-8-stable-ee' Respect analytics_enabled policy rule See merge request gitlab-org/security/gitlab!1227
  3d46e179
- Merge branch 'security-ssl-verification-ftc-13-8' into '13-8-stable-ee' · aeeb13e2
  Mayra Cabrera authored 4 years ago
  
  Always perform SSL verification for FortiTokenCloud Integration See merge request gitlab-org/security/gitlab!1188
  aeeb13e2
- Merge branch 'security-ssrf-prometheus-iap-13-8' into '13-8-stable-ee' · a22e8aa3
  GitLab Release Tools Bot authored 4 years ago
  
  Prevent SSRF requests for Prometheus when secured by Google IAP See merge request gitlab-org/security/gitlab!1233
  a22e8aa3
- Merge branch 'security-fix-unauthenticated-lint-13-8-13-8' into '13-8-stable-ee' · d702c2be
  GitLab Release Tools Bot authored 4 years ago
  
  Change authorization policy for /lint See merge request gitlab-org/security/gitlab!1211
  d702c2be
- Merge branch 'security-check-user-access-on-api-mr-read-actions-13.8' into '13-8-stable-ee' · 56614495
  GitLab Release Tools Bot authored 4 years ago
  
  Security check user access on API mr read actions See merge request gitlab-org/security/gitlab!1205
  56614495

Admin message

Admin message