Commits · v17.2.8-ee · GitLab.org / GitLab

This project is mirrored from https://:*****@gitlab.com/gitlab-org/gitlab.git. Pull mirroring failed 4 months ago.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update 4 months ago.

Sep 24, 2024

Update VERSION files · b47f3914
GitLab Release Tools Bot authored 5 months ago
```
[merge-train skip]
```
View commits for tag v17.2.8-ee v17.2.8-ee

b47f3914
Update changelog for 17.2.8 · a12d25e9
GitLab Release Tools Bot authored 5 months ago
```
[ci skip]
```
a12d25e9
Update managed components version to 17.2.8 · c5cb5810
GitLab Release Tools Bot authored 5 months ago
```
[ci skip]
```
c5cb5810

Merge branch 'security-duo-chat-issue-summary-prompt-injection-1-17-2' into '17-2-stable-ee' · bd704b44

Mayra Cabrera authored 5 months ago

Implement input sanitization for SummarizeComments

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4412



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Ethan Urie <eurie@gitlab.com>
Approved-by: Mayra Cabrera <mcabrera@gitlab.com>
Co-authored-by: dillonwheeler <dwheeler@gitlab.com>

bd704b44

Implement input sanitization for SummarizeComments · 4bed1f85

Dillon Wheeler authored 5 months ago and

Mayra Cabrera committed 5 months ago

Merge branch 'security-duo-chat-issue-summary-prompt-injection-1-17-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4412

Changelog: security

4bed1f85

Merge branch 'security-hide-system-notes-with-invalid-references-17-2' into '17-2-stable-ee' · a2fe2a32

GitLab Release Tools Bot authored 5 months ago

Hide system notes with invalid references

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4484



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Bob Van Landuyt <bob@gitlab.com>
Co-authored-by: Heinrich Lee Yu <heinrich@gitlab.com>

a2fe2a32

Hide system notes with invalid references · 884df0d6

Heinrich Lee Yu authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-hide-system-notes-with-invalid-references-17-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4484

Changelog: security

884df0d6

Merge branch 'security-1180-fix-dependency-proxy-leak-17-2' into '17-2-stable-ee' · ab6119c8

GitLab Release Tools Bot authored 5 months ago

Reset dependency proxy maven credentials when registry url is changed

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4459

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Dzmitry (Dima) Meshcharakou <12459192-dmeshcharakou@users.noreply.gitlab.com>
Co-authored-by: Radamanthus Batnag <rbatnag@gitlab.com>

ab6119c8

Reset dependency proxy maven credentials when registry url is changed · c43c6ab5
Rad Batnag authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-1180-fix-dependency-proxy-leak-17-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4459

Changelog: security
```
c43c6ab5

Merge branch 'sh-openssl-3-callout-17-2' into '17-2-stable-ee' · a0882ff7

Stan Hu authored 5 months ago

Update OpenSSL v3 callout to delay update to GitLab 17.7

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166935



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Ash McKenzie <amckenzie@gitlab.com>

Unverified

a0882ff7

Sep 23, 2024
- Update OpenSSL v3 callout to delay update to GitLab 17.7 · 12e2ad2a
  Stan Hu authored 5 months ago
  
  This gives users more time to prepare for the upgrade.
  Unverified
  
  12e2ad2a
- Update VERSION files · 5e02069e
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.2.8-rc50-ee v17.2.8-rc50-ee Unverified
  
  5e02069e
Sep 18, 2024

Merge branch 'sh-backport-openssl-callouts-17-2' into '17-2-stable-ee' · 33cd7e58

Stan Hu authored 5 months ago

Improve OpenSSL callout message

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166183



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: Drew Blessing <drew@gitlab.com>

Unverified

33cd7e58

Improve OpenSSL callout message · bd5b2c87

Stan Hu authored 5 months ago

The previous message made it sound like everything needed to use
OpenSSL 3. Revise this message to make it clear that TLS 1.2+
is needed for TLS connections, and ensure that we mention ciphers
and bits of encryption.

Unverified

bd5b2c87

Sep 16, 2024
- Update VERSION files · 18473c20
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.2.7-ee v17.2.7-ee Unverified
  
  18473c20
- Update changelog for 17.2.7 · 69e8a487
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  69e8a487
- Update managed components version to 17.2.7 · 3e5779eb
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  3e5779eb
- OpenSSLv3 will affect both incoming and outgoing connection · e1f45f15
  Drew Blessing authored 5 months ago
  
  Unverified
  
  e1f45f15
Sep 13, 2024
- Update VERSION files · e1f800cf
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.2.6-ee v17.2.6-ee Unverified
  
  e1f800cf
- Update changelog for 17.2.6 · ac7ef10c
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  ac7ef10c
- Update managed components version to 17.2.6 · 610c2f36
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  610c2f36
- Merge branch 'atevans-bump-ruby-deps-17-2' into '17-2-stable-ee' · 5b618608
  Ahmad Tolba authored 5 months ago
  
  Bump ruby dependencies See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166043 Merged-by: Ahmad Tolba <atolba@gitlab.com> Approved-by: Aboobacker MK <akarakath@gitlab.com> Approved-by: Jim Baumgardner <jbaumgardner@gitlab.com> Approved-by: Mayra Cabrera <mcabrera@gitlab.com> Co-authored-by: Drew Blessing <drew@gitlab.com>
  Unverified
  
  5b618608
- Bump ruby dependencies · 51c53e28
  Drew Blessing authored 5 months ago
  
  51c53e28
Sep 11, 2024
- Merge remote-tracking branch 'dev/17-2-stable-ee' into 17-2-stable-ee · 6fb0f3ab
  GitLab Release Tools Bot authored 5 months ago
  
  6fb0f3ab
- Update VERSION files · e57a21de
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.2.5-ee v17.2.5-ee
  
  e57a21de
- Update changelog for 17.2.5 · ebd46a92
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  ebd46a92
- Update managed components version to 17.2.5 · 43644803
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  43644803
Sep 10, 2024

Merge branch 'revert-' into '17-2-stable-ee' · 9d3b435e

Mayra Cabrera authored 5 months ago

Revert "Merge branch 'security-psk-fix-external-wiki-integration-dos-17-2' into '17-2-stable-ee'"

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4454

Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Mayra Cabrera <mcabrera@gitlab.com>
Co-authored-by: John T Skarbek <jtslear@gmail.com>

9d3b435e

Revert "Merge branch 'security-psk-fix-external-wiki-integration-dos-17-2' into '17-2-stable-ee'" · f81601eb
Ameya Darshan authored 5 months ago and Mayra Cabrera committed 5 months ago
```
Merge branch 'revert-7bad7451' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4454

Changelog: security
```
f81601eb

Merge branch 'sh-backport-openssl-3-docs-17-2' into '17-2-stable-ee' · ad886c0b

Stan Hu authored 5 months ago

Improve OpenSSL 3 upgrading warning notes

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/165587



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Eduardo Sanz García <esanz-garcia@gitlab.com>

Unverified

ad886c0b

Merge branch 'cherry-pick-98bf5baa-2' into '17-2-stable-ee' · c0c9b8c5

GitLab Release Tools Bot authored 5 months ago

Fix the vulnerability in the glm_source parameter

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4435

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Gabriel Mazetto <gabriel@gitlab.com>
Co-authored-by: Doug Stull <dstull@gitlab.com>

c0c9b8c5

Fix the vulnerability in the glm_source parameter · 676a3fad
Doug Stull authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'cherry-pick-98bf5baa-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4435

Changelog: security
```
676a3fad

Merge branch 'security-460289-confidential-issue-17-2' into '17-2-stable-ee' · 70e3c1af

GitLab Release Tools Bot authored 5 months ago

Improve GraphQL log security

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4349

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Greg Myers <gmyers@gitlab.com>
Approved-by: Dzmitry (Dima) Meshcharakou <12459192-dmeshcharakou@users.noreply.gitlab.com>
Reviewed-by: Dzmitry (Dima) Meshcharakou <12459192-dmeshcharakou@users.noreply.gitlab.com>
Co-authored-by: Radamanthus Batnag <rbatnag@gitlab.com>

70e3c1af

Improve GraphQL log security · 306589f3

Rad Batnag authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-460289-confidential-issue-17-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4349

Changelog: security

306589f3

Merge branch 'security-custom-templates-source-code-disclosure-17-2' into '17-2-stable-ee' · 478af9a8

GitLab Release Tools Bot authored 5 months ago

Add permissions check to project creations from a project template

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4444

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Gavin Hinfey <ghinfey@gitlab.com>
Co-authored-by: Fred Reinink <freinink@gitlab.com>

478af9a8

Add permissions check to project creations from a project template · c5e57b45
Fred Reinink authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-custom-templates-source-code-disclosure-17-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4444

Changelog: security
```
c5e57b45

Merge branch 'security-scp-url-sanitizer-17-2' into '17-2-stable-ee' · 2795ec4b

GitLab Release Tools Bot authored 5 months ago

Fix credentials disclosure in mirroring failure

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4447

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: Olaoluwa Oluro <olaoluro@gitlab.com>

2795ec4b

Fix credentials disclosure in mirroring failure · 2973e776
Ola Oluro authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-scp-url-sanitizer-17-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4447

Changelog: security
```
2973e776

Merge branch 'security-sg-redirect-check-for-releases-17-2' into '17-2-stable-ee' · b0d4581c

GitLab Release Tools Bot authored 5 months ago

Redirect url in the link validated for being external

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4441



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: smriti <sgarg@gitlab.com>

b0d4581c

Redirect url in the link validated for being external · 7cdde56d

Smriti Garg authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-sg-redirect-check-for-releases-17-2' into '17-2-stable-ee'

See merge request gitlab-org/security/gitlab!4441

Changelog: security

7cdde56d

Admin message

Admin message