This project is mirrored from https://:*****@gitlab.com/gitlab-org/gitlab.git.
Pull mirroring failed .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update .
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update .
- Jun 30, 2016
-
-
Robert Speicher authored
-
Robert Speicher authored
-
Robert Speicher authored
[ci skip]
-
Robert Speicher authored
[ci skip]
-
Douwe Maan authored
Ensure logged-out users can't see private refs https://gitlab.com/gitlab-org/gitlab-ce/issues/18033 I'm still not sure what to do about the CHANGELOG on security issues - should I add to a patch release? This issue was assigned to 8.10. See merge request !1974 (cherry picked from commit 3a6ebb1f)
-
Douwe Maan authored
Fix privilege escalation issue with OAuth external users Related to https://gitlab.com/gitlab-org/gitlab-ce/issues/19312 This MR fixes a privilege escalation issue, where manually set external users would be reverted back to internal users if they logged in via OAuth and that provider was not in the `external_providers` list. /cc @douwe See merge request !1975 (cherry picked from commit 5e6342b7)
-
- Jun 28, 2016
-
-
Robert Speicher authored
-
Robert Speicher authored
-
Robert Speicher authored
Add test for snippets search when ElasticSearch is enabled Related issue https://gitlab.com/gitlab-org/gitlab-ce/issues/18997 See merge request !502
-
- Jun 27, 2016
-
-
Douglas Barbosa Alexandre authored
-
Robert Speicher authored
-
Robert Speicher authored
Fix visibility of snippets when searching Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/18997 See merge request !1972 (cherry picked from commit 8a197c15)
-
Stan Hu authored
Update omniauth-saml to 1.6.0 to address a security vulnerability in ruby-saml Updates `omniauth-saml` to bring in the new `ruby-saml` dependency that addresses [CVE-2016-5697](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5697) Fixes #19206 See merge request !4951 (cherry picked from commit c3a8b252)
-
- Jun 15, 2016
-
-
Tomasz Maczukin authored
-
Tomasz Maczukin authored
-
- Jun 14, 2016
-
-
Tomasz Maczukin authored
* ce-dev/8-7-stable: Merge branch '18535-confidential-issue-notes' into 'master'
-
Robert Speicher authored
Only show notes through JSON on confidential issues that the user has access to Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/18535 See merge request !1970
-
Tomasz Maczukin authored
* ce-dev/8-7-stable: Update CHANGELOG for 8.7.7 Merge branch '17298-wiki-xss' into 'master' Merge branch 'fix/unauthorized-access-to-build-data' into 'master'
-
Tomasz Maczukin authored
-
Tomasz Maczukin authored
-
Robert Speicher authored
Forbid scripting for wiki files Wiki files (not pages - files in the repo) are just sent to the browser with whatever content-type the mime_types gem assigns to them based on their extension. As this is from the same domain as the GitLab application, this is an XSS vulnerability. Set a CSP forbidding all sources for scripting, CSS, XHR, etc. on these files. Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17298. See merge request !1969
-
Douwe Maan authored
Remove 'unscoped' from project builds selection This is a fix for this security bug: https://gitlab.com/gitlab-org/gitlab-ce/issues/18188 /cc @Kamil @grzegorz @stanhu See merge request !1968
-
- May 20, 2016
-
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Kamil Trzcińśki authored
Bump GitLab Pages to 0.2.4 This fixes 404 Content-Type that were supposed to be fixed last time. cc @axil @dblessing See merge request !394
-
Yorick Peterse authored
This wasn't removed when merging CE into this branch.
-
Yorick Peterse authored
-
- May 19, 2016
-
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Robert Speicher authored
fix typo making gitlab.com importing to fail Fixes https://gitlab.com/gitlab-org/gitlab-ee/issues/565 See merge request !4181
-
Rémy Coutable authored
Use the relative url prefix for links in Wiki Retry of gitlab-org/gitlab-ce!4026 @rymai !4050 solved all other problems how it looks like. I [tested](https://gitlab.com/artem-forks/gitlab-ce/commit/ff01eca7b559efa7cacf3412aa01cd8ae8a6db7e/builds) this with ruby22 Fixes #17071 See merge request !4131
-
Rémy Coutable authored
Create import data in service and fix timing issues when scheduling job Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17401 Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/17376 See merge request !4106
-
- May 12, 2016
-
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Yorick Peterse authored
-
Robert Speicher authored
Fix an issue when filtering merge requests with more than one label Fixes #15529. See merge request !3886
-
Yorick Peterse authored
-