Commits · e7d7473f53c605ccb03d35a866b27f722bbd93da · GitLab.org / GitLab

This project is mirrored from https://:*****@gitlab.com/gitlab-org/gitlab.git. Pull mirroring failed 4 months ago.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update 4 months ago.

Sep 23, 2024
- Update VERSION files · e7d7473f
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.1.9-rc50-ee v17.1.9-rc50-ee Unverified
  
  e7d7473f
Sep 18, 2024

Merge branch 'sh-backport-openssl-callouts-17-1' into '17-1-stable-ee' · f15f854b

Stan Hu authored 5 months ago

Improve OpenSSL callout message

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166184



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: Drew Blessing <drew@gitlab.com>

Unverified

f15f854b

Improve OpenSSL callout message · a51d383d

Stan Hu authored 5 months ago

The previous message made it sound like everything needed to use
OpenSSL 3. Revise this message to make it clear that TLS 1.2+
is needed for TLS connections, and ensure that we mention ciphers
and bits of encryption.

Unverified

a51d383d

Sep 16, 2024
- Update VERSION files · e95b84d9
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.1.8-ee v17.1.8-ee Unverified
  
  e95b84d9
- Update changelog for 17.1.8 · 1b0e23fa
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  1b0e23fa
- Update managed components version to 17.1.8 · f4e217fa
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  f4e217fa
- OpenSSLv3 will affect both incoming and outgoing connection · ec4faa52
  Drew Blessing authored 5 months ago
  
  Unverified
  
  ec4faa52
Sep 14, 2024

Merge branch 'dblessing_bump_ruby_deps_17-1' into '17-1-stable-ee' · 2abb6ace

Stan Hu authored 5 months ago

Update ruby-saml and omniauth-saml

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166058



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Andrew Evans <aevans@gitlab.com>
Approved-by: Greg Alfaro <galfaro@gitlab.com>
Approved-by: Greg Myers <gmyers@gitlab.com>
Approved-by: Stan Hu <stanhu@gmail.com>
Co-authored-by: Drew Blessing <drew@gitlab.com>

Unverified

2abb6ace

Sep 13, 2024
- Update ruby-saml and omniauth-saml · a53942ba
  Drew Blessing authored 5 months ago
  
  a53942ba
Sep 11, 2024
- Merge remote-tracking branch 'dev/17-1-stable-ee' into 17-1-stable-ee · 3c66e9a0
  GitLab Release Tools Bot authored 5 months ago
  
  3c66e9a0
- Update VERSION files · 84cf95d6
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.1.7-ee v17.1.7-ee
  
  84cf95d6
- Update changelog for 17.1.7 · 8f8da558
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  8f8da558
- Update managed components version to 17.1.7 · 7f7b2206
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  7f7b2206
Sep 10, 2024

Merge branch 'revert-' into '17-1-stable-ee' · de25f142

Mayra Cabrera authored 5 months ago

Revert 'security-psk-fix-external-wiki-integration-dos-17-1' into '17-1"

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4455



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Mayra Cabrera <mcabrera@gitlab.com>
Co-authored-by: John T Skarbek <jtslear@gmail.com>

de25f142

Revert 'security-psk-fix-external-wiki-integration-dos-17-1' into '17-1" · ade7fc8b
Ameya Darshan authored 5 months ago and Mayra Cabrera committed 5 months ago
```
Merge branch 'revert-3863794e' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4455

Changelog: security
```
ade7fc8b
Fix broken link fragment in doc/update/index.md · 4e69a1c8
Stan Hu authored 5 months ago
```
The GitLab 17.0.0 section was removed in later versions, so drop the
fragment.
```
Unverified

4e69a1c8

Reconcile changes in doc/security/token_overview.md to fix docs-lint · 13b4f589

Stan Hu authored 5 months ago

Some changes in doc/update/versions/gitlab_17_changes.md referred
to fragments that did not exist in `doc/security/token_overview.md`
for some reason.

Unverified

13b4f589

Merge branch 'sh-backport-openssl-3-docs-17-1' into '17-1-stable-ee' · 400382cc

Stan Hu authored 5 months ago

Improve OpenSSL 3 upgrading warning notes

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/165589



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Achilleas Pipinellis <axil@gitlab.com>

Unverified

400382cc

Merge branch 'cherry-pick-98bf5baa' into '17-1-stable-ee' · 5357cee6

GitLab Release Tools Bot authored 5 months ago

Fix the vulnerability in the glm_source parameter

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4434

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Gabriel Mazetto <gabriel@gitlab.com>
Co-authored-by: Doug Stull <dstull@gitlab.com>

5357cee6

Fix the vulnerability in the glm_source parameter · b4e1ecff
Doug Stull authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'cherry-pick-98bf5baa' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4434

Changelog: security
```
b4e1ecff

Merge branch 'security-460289-confidential-issue-17-1' into '17-1-stable-ee' · 3293fb15

GitLab Release Tools Bot authored 5 months ago

Improve GraphQL log security

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4350

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Greg Myers <gmyers@gitlab.com>
Approved-by: Dzmitry (Dima) Meshcharakou <12459192-dmeshcharakou@users.noreply.gitlab.com>
Co-authored-by: Radamanthus Batnag <rbatnag@gitlab.com>

3293fb15

Improve GraphQL log security · 8234ed61

Rad Batnag authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-460289-confidential-issue-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4350

Changelog: security

8234ed61

Merge branch 'security-custom-templates-source-code-disclosure-17-1' into '17-1-stable-ee' · 1e279aee

GitLab Release Tools Bot authored 5 months ago

Add permissions check to project creations from a project template

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4445

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Gavin Hinfey <ghinfey@gitlab.com>
Co-authored-by: Fred Reinink <freinink@gitlab.com>

1e279aee

Add permissions check to project creations from a project template · d0c8dcec
Fred Reinink authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-custom-templates-source-code-disclosure-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4445

Changelog: security
```
d0c8dcec

Merge branch 'security-scp-url-sanitizer-17-1' into '17-1-stable-ee' · dd99ece0

GitLab Release Tools Bot authored 5 months ago

Fix credentials disclosure in mirroring failure

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4448

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: Olaoluwa Oluro <olaoluro@gitlab.com>

dd99ece0

Fix credentials disclosure in mirroring failure · e616eef4
Ola Oluro authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-scp-url-sanitizer-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4448

Changelog: security
```
e616eef4

Merge branch 'security-sg-redirect-check-for-releases-17-1' into '17-1-stable-ee' · e3b8d0bf

GitLab Release Tools Bot authored 5 months ago

Redirect url in the link validated for being external

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4442



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: smriti <sgarg@gitlab.com>

e3b8d0bf

Redirect url in the link validated for being external · e358f0c4

Smriti Garg authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-sg-redirect-check-for-releases-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4442

Changelog: security

e358f0c4

Merge branch 'security-451014-dast-profile-permissions-17-1' into '17-1-stable-ee' · ba0f3bdf

GitLab Release Tools Bot authored 5 months ago

[17.1] Update edit permissions for DAST profiles

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4357



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Alejandro Rodríguez <alejandro@gitlab.com>
Co-authored-by: Arpit Gogia <12347103-arpitgogia@users.noreply.gitlab.com>

ba0f3bdf

[17.1] Update edit permissions for DAST profiles · 428ec2f7

Arpit Gogia authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-451014-dast-profile-permissions-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4357

Changelog: security

428ec2f7

Merge branch 'security-469367-commit-info-visible-though-atom-17-1' into '17-1-stable-ee' · fa828100

GitLab Release Tools Bot authored 5 months ago

Commit information visible through release atom endpoint for guest users

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4439

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Tomas Bulva <tbulva@gitlab.com>
Co-authored-by: Anna Vovchenko <avovchenko@gitlab.com>

fa828100

Commit information visible through release atom endpoint for guest users · 6745cd87
Anna Vovchenko authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-469367-commit-info-visible-though-atom-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4439

Changelog: security
```
6745cd87

Merge branch 'security-run-stop-actions-as-job-owner-17-1' into '17-1-stable-ee' · e2ceeac5

GitLab Release Tools Bot authored 5 months ago

Execute environment stop actions as the owner of the action

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4406

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Fabio Pitino <fpitino@gitlab.com>
Co-authored-by: Tiger <twatson@gitlab.com>

e2ceeac5

Execute environment stop actions as the owner of the action · 8ff8085f
Tiger Watson authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-run-stop-actions-as-job-owner-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4406

Changelog: security
```
8ff8085f

Merge branch 'security-prevent-code-injection-in-pa-funnels-17-1-17-1' into '17-1-stable-ee' · 6d28b103

GitLab Release Tools Bot authored 5 months ago

Prevent code injection in Product Analytics funnels YAML

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4429

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Halil Coban <hcoban@gitlab.com>
Co-authored-by: Robert Hunt <rhunt@gitlab.com>

6d28b103

Prevent code injection in Product Analytics funnels YAML · 225aa66c

Robert Hunt authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-prevent-code-injection-in-pa-funnels-17-1-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4429

Changelog: security

225aa66c

Merge branch 'security-fix-cr-edit-17-1' into '17-1-stable-ee' · e4bd770d

GitLab Release Tools Bot authored 5 months ago

Prevent users with admin_group_member custom ab. to manage custom roles

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4427

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: charlie ablett <cablett@gitlab.com>
Co-authored-by: Jarka Košanová <jarka@gitlab.com>

e4bd770d

Prevent users with admin_group_member custom ab. to manage custom roles · 9c6ad85f
Jarka Kadlecova authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-fix-cr-edit-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4427

Changelog: security
```
9c6ad85f

Merge branch 'security-sg-fix-frontend-uri-parse-regex-17-1' into '17-1-stable-ee' · 33bfd9e7

GitLab Release Tools Bot authored 5 months ago

Fixed frontend regex to parse URI

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4421



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: smriti <sgarg@gitlab.com>

33bfd9e7

Fixed frontend regex to parse URI · 0ee3b0c7

Smriti Garg authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-sg-fix-frontend-uri-parse-regex-17-1' into '17-1-stable-ee'

See merge request gitlab-org/security/gitlab!4421

Changelog: security

0ee3b0c7

Admin message

Admin message