Commits · v17.3.4-rc50-ee · GitLab.org / GitLab

This project is mirrored from https://:*****@gitlab.com/gitlab-org/gitlab.git. Pull mirroring failed 4 months ago.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update 4 months ago.

Sep 23, 2024
- Update VERSION files · 89e10013
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.3.4-rc50-ee v17.3.4-rc50-ee Unverified
  
  89e10013
Sep 19, 2024

Merge branch 'cherry-pick-' into '17-3-stable-ee' · 2b3ac008

Gary Holtz authored 5 months ago

Fix Code Review AI features policies to check duo features enabled toggle

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166302



Merged-by: Gary Holtz <gholtz@gitlab.com>
Approved-by: Gary Holtz <gholtz@gitlab.com>
Approved-by: mo khan <mo@mokhan.ca>
Co-authored-by: Patrick Bajao <ebajao@gitlab.com>

Unverified

2b3ac008

Merge branch 'sh-backport-openssl-callouts-17-3' into '17-3-stable-ee' · 79c8d9e5

Stan Hu authored 5 months ago

Improve OpenSSL callout message

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166181



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: Drew Blessing <drew@gitlab.com>

Unverified

79c8d9e5

Sep 18, 2024

Improve OpenSSL callout message · 5aea657c

Stan Hu authored 5 months ago

The previous message made it sound like everything needed to use
OpenSSL 3. Revise this message to make it clear that TLS 1.2+
is needed for TLS connections, and ensure that we mention ciphers
and bits of encryption.

Unverified

5aea657c

Sep 17, 2024

Merge branch '481955-fix-duo-cli-generate-commit-messages-policies' into 'master' · 15a3b205

Patrick Bajao authored 5 months ago

Fix Code Review AI features policies to check duo features enabled toggle

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/165021



Merged-by: Jarka Košanová <jarka@gitlab.com>
Approved-by: Jan Provaznik <jprovaznik@gitlab.com>
Approved-by: Jarka Košanová <jarka@gitlab.com>
Reviewed-by: Jarka Košanová <jarka@gitlab.com>
Reviewed-by: Patrick Bajao <ebajao@gitlab.com>
Reviewed-by: Gosia Ksionek <mksionek@gitlab.com>
Co-authored-by: Patrick Bajao <ebajao@gitlab.com>

(cherry picked from commit 2a2568ed)

3ed56e62 Fix Duo for CLI policy to check instance setting for SM
a9d74e74 Fix Generate Commit Message policy to check project settings
fce8d092 Remove unneeded use of safe navigation operator

Co-authored-by: Jarka Košanová <jarka@gitlab.com>

Unverified

15a3b205

Sep 16, 2024
- Update VERSION files · f2789346
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.3.3-ee v17.3.3-ee Unverified
  
  f2789346
- Update changelog for 17.3.3 · 230d8ef3
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  230d8ef3
- Update managed components version to 17.3.3 · a4897636
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  Unverified
  
  a4897636
- OpenSSLv3 will affect both incoming and outgoing connection · 230d4dd2
  Drew Blessing authored 5 months ago
  
  Unverified
  
  230d4dd2
Sep 14, 2024

Merge branch 'dblessing_bump_ruby_deps_17-3' into '17-3-stable-ee' · 81751237

Stan Hu authored 5 months ago

Update ruby-saml and omniauth-saml

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166059



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Andrew Evans <aevans@gitlab.com>
Approved-by: Greg Alfaro <galfaro@gitlab.com>
Approved-by: Stan Hu <stanhu@gmail.com>
Co-authored-by: Drew Blessing <drew@gitlab.com>

Unverified

81751237

Merge branch 'atevans/backport-gitlab-backup-cli-fix-17-3' into '17-3-stable-ee' · b56ca9c2

Stan Hu authored 5 months ago

Upgrade bundler for the GitLab Backup CLI gem

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/166063



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Approved-by: Stan Hu <stanhu@gmail.com>
Approved-by: Jennifer Li <jli@gitlab.com>
Co-authored-by: Gabriel Mazetto <gabriel@gitlab.com>

Unverified

b56ca9c2

Upgrade bundler for the GitLab Backup CLI gem · 8129262f
Andrew Evans authored 5 months ago

Unverified

8129262f

Sep 13, 2024
- Update ruby-saml and omniauth-saml · 65917be5
  Drew Blessing authored 5 months ago
  
  65917be5
Sep 11, 2024
- Merge remote-tracking branch 'dev/17-3-stable-ee' into 17-3-stable-ee · 9a1dee98
  GitLab Release Tools Bot authored 5 months ago
  
  9a1dee98
- Update VERSION files · a141138e
  GitLab Release Tools Bot authored 5 months ago
  
  [merge-train skip]
  View commits for tag v17.3.2-ee v17.3.2-ee
  
  a141138e
- Update changelog for 17.3.2 · 0b173b48
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  0b173b48
- Update managed components version to 17.3.2 · 4b385ae6
  GitLab Release Tools Bot authored 5 months ago
  
  [ci skip]
  4b385ae6
Sep 10, 2024

Merge branch 'revert-' into '17-3-stable-ee' · 97f76126

Mayra Cabrera authored 5 months ago

Revert "Merge branch 'security-psk-fix-external-wiki-integration-dos-17-3' into '17-3-stable-ee'"

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4453

Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Mayra Cabrera <mcabrera@gitlab.com>
Co-authored-by: John T Skarbek <jtslear@gmail.com>

97f76126

Revert "Merge branch 'security-psk-fix-external-wiki-integration-dos-17-3' into '17-3-stable-ee'" · 4adb6841
Ameya Darshan authored 5 months ago and Mayra Cabrera committed 5 months ago
```
Merge branch 'revert-89504a1f' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4453

Changelog: security
```
4adb6841

Merge branch 'sh-backport-openssl-3-docs-17-3' into '17-3-stable-ee' · 0f6f26aa

Stan Hu authored 5 months ago

Improve OpenSSL 3 upgrading warning notes

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/165585



Merged-by: Stan Hu <stanhu@gmail.com>
Approved-by: Achilleas Pipinellis <axil@gitlab.com>
Approved-by: Eduardo Sanz García <esanz-garcia@gitlab.com>

Unverified

0f6f26aa

Merge branch 'cherry-pick-98bf5baa-3' into '17-3-stable-ee' · fe504b8e

GitLab Release Tools Bot authored 5 months ago

Fix the vulnerability in the glm_source parameter

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4436

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Gabriel Mazetto <gabriel@gitlab.com>
Co-authored-by: Doug Stull <dstull@gitlab.com>

fe504b8e

Fix the vulnerability in the glm_source parameter · 878cda6f
Doug Stull authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'cherry-pick-98bf5baa-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4436

Changelog: security
```
878cda6f

Merge branch 'security-1164-confidential-issue-17-3' into '17-3-stable-ee' · d0ae27c6

GitLab Release Tools Bot authored 5 months ago

Improve GraphQL log security

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4400

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Dzmitry (Dima) Meshcharakou <12459192-dmeshcharakou@users.noreply.gitlab.com>
Reviewed-by: Dzmitry (Dima) Meshcharakou <12459192-dmeshcharakou@users.noreply.gitlab.com>
Co-authored-by: Radamanthus Batnag <rbatnag@gitlab.com>

d0ae27c6

Improve GraphQL log security · 8ab77eca

Rad Batnag authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-1164-confidential-issue-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4400

Changelog: security

8ab77eca

Merge branch 'security-custom-templates-source-code-disclosure-17-3' into '17-3-stable-ee' · 3081b75c

GitLab Release Tools Bot authored 5 months ago

Add permissions check to project creations from a project template

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4443

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Gavin Hinfey <ghinfey@gitlab.com>
Co-authored-by: Fred Reinink <freinink@gitlab.com>

3081b75c

Add permissions check to project creations from a project template · 9aaaaf46
Fred Reinink authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-custom-templates-source-code-disclosure-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4443

Changelog: security
```
9aaaaf46

Merge branch 'security-scp-url-sanitizer-17-3' into '17-3-stable-ee' · f5db2e14

GitLab Release Tools Bot authored 5 months ago

Fix credentials disclosure in mirroring failure

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4446

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: Olaoluwa Oluro <olaoluro@gitlab.com>

f5db2e14

Fix credentials disclosure in mirroring failure · 0c2d3c94
Ola Oluro authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-scp-url-sanitizer-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4446

Changelog: security
```
0c2d3c94

Merge branch 'security-sg-redirect-check-for-releases-17-3' into '17-3-stable-ee' · 9430b0e8

GitLab Release Tools Bot authored 5 months ago

Redirect url in the link validated for being external

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4440



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Drew Blessing <drew@gitlab.com>
Co-authored-by: smriti <sgarg@gitlab.com>

9430b0e8

Redirect url in the link validated for being external · 219cfd97

Smriti Garg authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-sg-redirect-check-for-releases-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4440

Changelog: security

219cfd97

Merge branch 'security-451014-dast-profile-permissions-17-3' into '17-3-stable-ee' · fd53e9cb

GitLab Release Tools Bot authored 5 months ago

[17.3] Update edit permissions for DAST profiles

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4372



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Alejandro Rodríguez <alejandro@gitlab.com>
Co-authored-by: Arpit Gogia <12347103-arpitgogia@users.noreply.gitlab.com>

fd53e9cb

[17.3] Update edit permissions for DAST profiles · 44638f24

Arpit Gogia authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-451014-dast-profile-permissions-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4372

Changelog: security

44638f24

Merge branch 'security-469367-commit-info-visible-though-atom-17-3' into '17-3-stable-ee' · 61cfdda8

GitLab Release Tools Bot authored 5 months ago

Commit information visible through release atom endpoint for guest users

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4437

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Tomas Bulva <tbulva@gitlab.com>
Approved-by: Kevin Morrison <kmorrison@gitlab.com>
Co-authored-by: Anna Vovchenko <avovchenko@gitlab.com>

61cfdda8

Commit information visible through release atom endpoint for guest users · 7e4451c5
Anna Vovchenko authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-469367-commit-info-visible-though-atom-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4437

Changelog: security
```
7e4451c5

Merge branch 'security-run-stop-actions-as-job-owner-17-3' into '17-3-stable-ee' · f618fb2b

GitLab Release Tools Bot authored 5 months ago

Execute environment stop actions as the owner of the action

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4404

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Fabio Pitino <fpitino@gitlab.com>
Co-authored-by: Tiger <twatson@gitlab.com>

f618fb2b

Execute environment stop actions as the owner of the action · e160b472
Tiger Watson authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-run-stop-actions-as-job-owner-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4404

Changelog: security
```
e160b472

Merge branch 'security-prevent-code-injection-in-pa-funnels-17-3' into '17-3-stable-ee' · ac588764

GitLab Release Tools Bot authored 5 months ago

Prevent code injection in Product Analytics funnels YAML

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4431

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Halil Coban <hcoban@gitlab.com>
Co-authored-by: Robert Hunt <rhunt@gitlab.com>

ac588764

Prevent code injection in Product Analytics funnels YAML · 04ee196c

Robert Hunt authored 5 months ago and

GitLab Release Tools Bot committed 5 months ago

Merge branch 'security-prevent-code-injection-in-pa-funnels-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4431

Changelog: security

04ee196c

Merge branch 'security-fix-cr-edit-17-3' into '17-3-stable-ee' · 30f02677

GitLab Release Tools Bot authored 5 months ago

Prevent users with admin_group_member custom ab. to manage custom roles

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/4425

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: charlie ablett <cablett@gitlab.com>
Co-authored-by: Jarka Košanová <jarka@gitlab.com>

30f02677

Prevent users with admin_group_member custom ab. to manage custom roles · 8a5aae28
Jarka Kadlecova authored 5 months ago and GitLab Release Tools Bot committed 5 months ago
```
Merge branch 'security-fix-cr-edit-17-3' into '17-3-stable-ee'

See merge request gitlab-org/security/gitlab!4425

Changelog: security
```
8a5aae28

Admin message

Admin message