Commits · 15.10.8+ce.0 · GitLab.org / omnibus-gitlab

This project is mirrored from https://:*****@gitlab.com/gitlab-org/omnibus-gitlab.git. Pull mirroring failed 1 month ago.
Repository mirroring has been paused due to too many failed attempts. It can be resumed by a project maintainer or owner.
Last successful update 4 years ago.

Jun 05, 2023
- Update VERSION to 15.10.8 · 433ca509
  GitLab Release Tools Bot authored 1 year ago
  
  View commits for tag 15.10.8+ce.0 15.10.8+ce.0
  
  433ca509
- Update component version files · ac244776
  GitLab Release Tools Bot authored 1 year ago
  
  ac244776
- Update changelog for 15.10.8 · 3bd570b5
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  3bd570b5
Jun 02, 2023

Merge branch 'security-mattermost-2023-04-27-updates-15-10' into '15-10-stable' · ed2db9ec

Jenny Kim authored 1 year ago

Mattermost Security Updates April 27, 2023

See merge request https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/merge_requests/338



Merged-by: Jenny Kim <yjeankim@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Clemens Beck <cbeck@gitlab.com>

ed2db9ec

Mattermost Security Updates April 27, 2023 · 3b95b80d

Clemens Beck authored 1 year ago and

Jenny Kim committed 1 year ago

Merge branch 'security-mattermost-2023-04-27-updates-15-10' into '15-10-stable'

See merge request gitlab-org/security/omnibus-gitlab!338

Changelog: security

3b95b80d

Merge branch 'security-postgresql-upgrade-12.14-and-13.11-backport-15-10' into '15-10-stable' · b71990c8

GitLab Release Tools Bot authored 1 year ago

Bump PostgreSQL version to 12.14 and 13.11

See merge request https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/merge_requests/346

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Hossein Pursultani <hpursultani@gitlab.com>

b71990c8

Bump PostgreSQL version to 12.14 and 13.11 · f85013cc

Hossein Pursultani authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-postgresql-upgrade-12.14-and-13.11-backport-15-10' into '15-10-stable'

See merge request gitlab-org/security/omnibus-gitlab!346

Changelog: security

f85013cc

Merge branch 'security-bump-ncurses-cve-2023-29491-15-10' into '15-10-stable' · a71ee6a6

GitLab Release Tools Bot authored 1 year ago

Bump ncurses version to 6.4-20230225

See merge request https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/merge_requests/342

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Clemens Beck <cbeck@gitlab.com>

a71ee6a6

Bump ncurses version to 6.4-20230225 · 080801ce

Clemens Beck authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-bump-ncurses-cve-2023-29491-15-10' into '15-10-stable'

See merge request gitlab-org/security/omnibus-gitlab!342

Changelog: security

080801ce

May 15, 2023

Merge branch 'sh-validate-smtp-15-10' into '15-10-stable' · 030f5035

Balasankar C authored 1 year ago

[15.10] Validate that SMTP settings do not enable both TLS and STARTTLS

See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/6877



Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>

030f5035

Merge branch 'sh-add-smtp-timeouts-15-10' into '15-10-stable' · 96af311d

Balasankar C authored 1 year ago

[15.10] Add SMTP timeout configuration options

See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/6887



Merged-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Approved-by: Balasankar 'Balu' C <balasankar@gitlab.com>
Co-authored-by: Stan Hu <stanhu@gmail.com>

96af311d

May 11, 2023

Add SMTP timeout configuration options · 77d8eb0b

Stan Hu authored 1 year ago

In https://github.com/mikel/mail/pull/1427/files, mail v2.8.1 gem
modified the default open and read timeout values to 5 seconds instead
of the default `Net::SMTP` 30 and 60 seconds, respectively.

Since upgrading to GitLab 15.10.3, some users have observed receiving
`Net::ReadTimeout` errors. This commit restores the original defaults
and allows users to configure the timeouts.

Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/410336

Changelog: added

Unverified

77d8eb0b

May 10, 2023

Merge remote-tracking branch 'dev/15-10-stable' into 15-10-stable · ec612b7c
GitLab Release Tools Bot authored 1 year ago

ec612b7c

Validate that SMTP settings do not enable both TLS and STARTTLS · 018c6de1

Stan Hu authored 1 year ago

GitLab versions 15.10.4 and up shipped with
https://gitlab.com/gitlab-org/gitlab/-/merge_requests/116925 in order
to fix a Ruby 3 upgrade issue that made it impossible to disable
STARTTLS if the SMTP server advertised support for it.

However, this change enforced the constraint that both SMTP TLS and
STARTTLS cannot be enabled simultaneously. This follows the behavior
of the net-smtp gem, which raises an exception if a user attempts to
enable both.

This constraint was added because as described in
https://github.com/mikel/mail/pull/1536, the logic for
enabling/disabling TLS and/or STARTTLS is a bit tricky to get right
and missed some important edge cases.

This commit adds a validation step that will throw an error if both
settings appear:

```ruby
gitlab_rails['smtp_tls'] = true
gitlab_rails['smtp_enable_starttls_auto'] = true
```

Previously if SMTP TLS were enabled, STARTTLS was disabled outright.

If `gitlab_rails['smtp_tls']` is enabled, generally the easiest way to
get things working is to set
`gitlab_rails['smtp_enable_starttls_auto']` to `false`.

Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/409835

Also see https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/6858

Changelog: changed

Unverified

018c6de1

Update VERSION to 15.10.7-ee · 5c38700e
GitLab Release Tools Bot authored 1 year ago

View commits for tag 15.10.7+ee.0 15.10.7+ee.0

5c38700e
Update VERSION to 15.10.7 · 05422dcd
GitLab Release Tools Bot authored 1 year ago

View commits for tag 15.10.7+ce.0 15.10.7+ce.0

05422dcd
Update component version files · fa485fa2
GitLab Release Tools Bot authored 1 year ago

fa485fa2
Update changelog for 15.10.7 · a1b6f181
GitLab Release Tools Bot authored 1 year ago
```
[ci skip]
```
a1b6f181

May 05, 2023
- Merge remote-tracking branch 'dev/15-10-stable' into 15-10-stable · a2a70fe3
  GitLab Release Tools Bot authored 1 year ago
  
  a2a70fe3
May 03, 2023
- Update VERSION to 15.10.6-ee · d07946e9
  GitLab Release Tools Bot authored 1 year ago
  
  View commits for tag 15.10.6+ee.0 15.10.6+ee.0
  
  d07946e9
- Update VERSION to 15.10.6 · e1b5c4f5
  GitLab Release Tools Bot authored 1 year ago
  
  View commits for tag 15.10.6+ce.0 15.10.6+ce.0
  
  e1b5c4f5
- Update component version files · 606c9264
  GitLab Release Tools Bot authored 1 year ago
  
  606c9264
- Update changelog for 15.10.6 · dd3402e6
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  dd3402e6
May 02, 2023

Merge branch 'bundle-libarchive-15-10-backport' into '15-10-stable' · 923911ef

Robert Marshall authored 1 year ago

Bundle libarchive in the package

See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/6824



Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>

923911ef

Merge branch '7741-libarchive-liblzma-sles' into 'master' · 48d90b21

Balasankar C authored 1 year ago

Bundle libarchive in the package

Closes #7741

Changelog: fixed

See merge request https://gitlab.com/gitlab-org/omnibus-gitlab/-/merge_requests/6805



Merged-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Approved-by: Andrew Patterson <apatterson@gitlab.com>
Co-authored-by: Balasankar "Balu" C <balasankar@gitlab.com>

48d90b21

Merge remote-tracking branch 'dev/15-10-stable' into 15-10-stable · da8e5b7b
GitLab Release Tools Bot authored 1 year ago

da8e5b7b

May 01, 2023

Update VERSION to 15.10.5-ee · 4552c092
GitLab Release Tools Bot authored 1 year ago

View commits for tag 15.10.5+ee.0 15.10.5+ee.0

4552c092
Update VERSION to 15.10.5 · c96782f4
GitLab Release Tools Bot authored 1 year ago

View commits for tag 15.10.5+ce.0 15.10.5+ce.0

c96782f4
Update component version files · e04a2fe7
GitLab Release Tools Bot authored 1 year ago

e04a2fe7
Update changelog for 15.10.5 · 2d71bc93
GitLab Release Tools Bot authored 1 year ago
```
[ci skip]
```
2d71bc93

Merge branch 'security-mattermost-2023-04-updates-15.10' into '15-10-stable' · f94888e9

Reuben Pereira authored 1 year ago

Mattermost Security Updates April 2023

See merge request https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/merge_requests/335



Merged-by: Reuben Pereira <2967854-rpereira2@users.noreply.gitlab.com>
Approved-by: Kevin Morrison <kmorrison@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Andrew Patterson <apatterson@gitlab.com>

f94888e9

Mattermost Security Updates April 2023 · cded3eb5

Andrew Patterson authored 1 year ago

Merge branch 'security-mattermost-2023-04-updates-15.10' into '15-10-stable'

See merge request gitlab-org/security/omnibus-gitlab!335

Changelog: security

cded3eb5

Merge branch 'security-patch-openssl-for-2023-0464-backport-15-10' into '15-10-stable' · 4ebfb34c

GitLab Release Tools Bot authored 1 year ago

Patch Openssl for CVE-2023-0464

See merge request https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/merge_requests/332



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: João Cunha <j.a.cunha@gmail.com>

4ebfb34c

Patch Openssl for -0464 · 5bd5e3ad

João Alexandre Cunha authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-patch-openssl-for-2023-0464-backport-15-10' into '15-10-stable'

See merge request gitlab-org/security/omnibus-gitlab!332

Changelog: security

5bd5e3ad

Merge branch 'security-grafana-session-cookie-outgoing-request-15-10' into '15-10-stable' · 1ca4f3cf

GitLab Release Tools Bot authored 1 year ago

Patch Grafana against session cookie vulnerability and CVE-2023-1410

See merge request https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/merge_requests/327

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Robert Marshall <rmarshall@gitlab.com>
Co-authored-by: Balasankar "Balu" C <balasankar@gitlab.com>

1ca4f3cf

Patch Grafana against session cookie vulnerability and -1410 · febd1125

Balasankar C authored 1 year ago and

GitLab Release Tools Bot committed 1 year ago

Merge branch 'security-grafana-session-cookie-outgoing-request-15-10' into '15-10-stable'

See merge request gitlab-org/security/omnibus-gitlab!327

Changelog: security

febd1125

Apr 21, 2023
- Update VERSION to 15.10.4-ee · 1e7eda0f
  GitLab Release Tools Bot authored 1 year ago
  
  View commits for tag 15.10.4+ee.0 15.10.4+ee.0
  
  1e7eda0f
- Update VERSION to 15.10.4 · 4258ab44
  GitLab Release Tools Bot authored 1 year ago
  
  View commits for tag 15.10.4+ce.0 15.10.4+ce.0
  
  4258ab44
- Update component version files · a4d679c6
  GitLab Release Tools Bot authored 1 year ago
  
  a4d679c6
- Update changelog for 15.10.4 · 137e3962
  GitLab Release Tools Bot authored 1 year ago
  
  [ci skip]
  137e3962

Admin message

Admin message