Commits · 34ee002e28f5197de49a0caef3df987da16c4a58 · Craig Miskell / GitLab

Jan 13, 2021
- Update VERSION files · 34ee002e
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.5.7-ee v13.5.7-ee
  
  34ee002e
- Update CHANGELOG.md for 13.5.7-ee · 35460caf
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  35460caf
- Update CHANGELOG-EE.md for 13.5.7-ee · 0c00c40f
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  0c00c40f
- Update Gitaly version to 13.5.7 · 748003d5
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  748003d5
- Merge branch 'security-deny-implicit-confidential-13-5' into '13-5-stable-ee' · 2df72825
  Alessio Caiazza authored 4 years ago
  
  Deny implicit flow for confidential apps See merge request gitlab-org/security/gitlab!1168
  2df72825
Jan 12, 2021
- Deny implicit flow for confidential apps · 7007c1c7
  Dominic Couture authored 4 years ago
  
  7007c1c7
Jan 07, 2021
- Merge remote-tracking branch 'dev/13-5-stable-ee' into 13-5-stable-ee · 2bf4ea99
  GitLab Release Tools Bot authored 4 years ago
  
  2bf4ea99
- Update VERSION files · 06fb068a
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.5.6-ee v13.5.6-ee
  
  06fb068a
- Update CHANGELOG.md for 13.5.6-ee · cfb3a6ea
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  cfb3a6ea
- Update CHANGELOG-EE.md for 13.5.6-ee · 5ed528fe
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  5ed528fe
- Update Gitaly version to 13.5.6 · 3c0fa7d3
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  3c0fa7d3
Jan 06, 2021
- Merge branch 'security-workhorse-prometheus-13-5' into '13-5-stable-ee' · bf7fc429
  Mayra Cabrera authored 4 years ago
  
  Fix prometheus DoS through Workhorse See merge request gitlab-org/security/gitlab!1146
  bf7fc429
- Merge branch 'security-implicit-confidential-13-5' into '13-5-stable-ee' · e69261a9
  Mayra Cabrera authored 4 years ago
  
  Deny implicit flow for confidential apps See merge request gitlab-org/security/gitlab!1141
  e69261a9
- Merge branch 'security-trusted-confidential-apps-13-5' into '13-5-stable-ee' · 74f6c5c6
  GitLab Release Tools Bot authored 4 years ago
  
  Set all trusted OAuth apps as confidential See merge request gitlab-org/security/gitlab!1152
  74f6c5c6
- Merge branch 'security-package-regex-dos-13-5' into '13-5-stable-ee' · af74add0
  GitLab Release Tools Bot authored 4 years ago
  
  Fix regex backtracking issue in package_name_regex See merge request gitlab-org/security/gitlab!1111
  af74add0
- Merge branch 'security-pages-1-28-1' into '13-5-stable-ee' · 48b491bb
  GitLab Release Tools Bot authored 4 years ago
  
  Fix stealing API token and Prometheus DoS through GitLab Pages See merge request gitlab-org/security/gitlab!1138
  48b491bb
- Fix stealing API token and Prometheus DoS through GitLab Pages · 48140064
  vshushlin authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  48140064
- Merge branch 'security-nuget-api-regex-dos-13-5' into '13-5-stable-ee' · ea4b3689
  GitLab Release Tools Bot authored 4 years ago
  
  Update non-negative integer regex to protect against regex DoS See merge request gitlab-org/security/gitlab!1133
  ea4b3689
- Update non-negative integer regex to protect against regex DoS · e7aacaef
  Vitor Meireles de Sousa authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  e7aacaef
- Merge branch 'security-id-forbid-public-cache-for-private-repos-13-5' into '13-5-stable-ee' · 3585464b
  GitLab Release Tools Bot authored 4 years ago
  
  Forbid public cache for private repos See merge request gitlab-org/security/gitlab!1149
  3585464b
Jan 04, 2021
- Upgrade GitLab Workhorse to 8.51.2 · 36b5b0c9
  Vladimir Shushlin authored 4 years ago and Jacob Vosmaer (GitLab) committed 4 years ago
  
  36b5b0c9
- Merge branch 'am-fix-redis-hll-keys-for-13.5' into '13-5-stable-ee' · 8949995f
  Mayra Cabrera authored 4 years ago
  
  Fix weekly Redis HLL keys for 13-5-stable-ee See merge request gitlab-org/gitlab!50776
  8949995f
- Merge branch 'am-redis-hll-keys-issue' into 'master' · 930aa4d8
  Alper Akgun authored 4 years ago and Alina Mihaila committed 4 years ago
  
  Fix Redis HLL weekly keys See merge request gitlab-org/gitlab!50358
  Unverified
  
  930aa4d8
Dec 29, 2020

Set all trusted OAuth apps as confidential · aeb553ef

Dominic Couture authored 4 years ago

Migrate all trusted apps to confidential to avoid
potential access token leak abusing implicit flow

aeb553ef

Dec 28, 2020

Forbid public cache for private repos · bb3f3e48

Igor Drozdov authored 4 years ago

When project is public but the repository is private, we don't
want to cache it as public. In this case, anybody will be able
to see the cached version of the private content during 60s
after an eligible user has viewed it.

bb3f3e48

Dec 23, 2020

Deny implicit flow for confidential apps · 9a222a7d
Dominic Couture authored 4 years ago

9a222a7d
Merge branch 'pb-fix-13-5-stable-branch' into '13-5-stable-ee' · fe986ce5
Alessio Caiazza authored 4 years ago
```
Run test at a fixed time

See merge request gitlab-org/gitlab!50489
```
fe986ce5

Run test at a fixed time · 7e689de4

Albert Salim authored 4 years ago and

Patrick Bajao committed 4 years ago

Due to how HLLRedisCounter#weekly_redis_keys converts
dates to calendar week, it would result in an empty
array when the calendar week of end_date occurs before
the calendar week of start_date.

For example, given start_date 2020-12-01 and
end_date 2021-01-01, the calendar week would be reversed,
resulting in empty array from #weekly_redis_keys

7e689de4

Dec 07, 2020
- Merge remote-tracking branch 'dev/13-5-stable-ee' into 13-5-stable-ee · a09a0b6d
  GitLab Release Tools Bot authored 4 years ago
  
  a09a0b6d
- Update VERSION files · 2e75f6e5
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.5.5-ee v13.5.5-ee
  
  2e75f6e5
- Update CHANGELOG.md for 13.5.5-ee · d12eb1bd
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  d12eb1bd
- Update CHANGELOG-EE.md for 13.5.5-ee · 6eff3e6f
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  6eff3e6f
- Update Gitaly version to 13.5.5 · e2255632
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  e2255632
Dec 04, 2020
- Merge branch 'security-starred-projects-api-fix-13-5' into '13-5-stable-ee' · 3c30123c
  GitLab Release Tools Bot authored 4 years ago
  
  Do not expose starred projects of users with private profile via API See merge request gitlab-org/security/gitlab!1084
  3c30123c
- Merge branch 'security-starred-projects-private-profile-13-5' into '13-5-stable-ee' · 376bf33d
  GitLab Release Tools Bot authored 4 years ago
  
  Hide starred & contributed projects of users with private profile See merge request gitlab-org/security/gitlab!1082
  376bf33d
- Merge branch 'security-hide-email-in-confirmation-page-13-5' into '13-5-stable-ee' · 1cf32732
  GitLab Release Tools Bot authored 4 years ago
  
  Do not show emails of users in confirmation page See merge request gitlab-org/security/gitlab!1080
  1cf32732
- Merge branch 'security-project-import-zoom-xss-13-5' into '13-5-stable-ee' · 2f230da8
  GitLab Release Tools Bot authored 4 years ago
  
  Validate zoom links to start with https only See merge request gitlab-org/security/gitlab!1078
  2f230da8
- Merge branch 'security-confepic-todo2-13-5' into '13-5-stable-ee' · 893a9c28
  GitLab Release Tools Bot authored 4 years ago
  
  Cleanup confidential epic todos See merge request gitlab-org/security/gitlab!1092
  893a9c28
- Merge branch 'security-296-private_profile_exposure-13-5' into '13-5-stable-ee' · 584b2930
  GitLab Release Tools Bot authored 4 years ago
  
  Ensure group and project memberships are not leaked See merge request gitlab-org/security/gitlab!1087
  584b2930
- Merge branch 'security-mermaid-rc-13-5' into '13-5-stable-ee' · 0fbd5f48
  GitLab Release Tools Bot authored 4 years ago
  
  Fix mermaid resource consumption in GFM fields See merge request gitlab-org/security/gitlab!1067
  0fbd5f48

Admin message

Admin message