- Mar 31, 2022
-
-
GitLab Release Tools Bot authored
[merge-train skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
John Skarbek authored
Update to commonmarker 0.23.4 See merge request gitlab-org/security/gitlab!2283
-
Merge branch 'security-update-cmark-gfm-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2283 Changelog: security
-
John Skarbek authored
Revert merge request approval groups behavior See merge request gitlab-org/security/gitlab!2333
-
Merge branch '14-7_fix_merge_request_approval_rules' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2333 Changelog: security
-
GitLab Release Tools Bot authored
Disallow login if password matches a fixed list See merge request gitlab-org/security/gitlab!2359
-
Merge branch 'security-disallowed-passwords-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2359 Changelog: security
-
GitLab Release Tools Bot authored
Update devise-two-factor to 4.0.2 See merge request gitlab-org/security/gitlab!2351
-
Merge branch 'security-update-devise-two-factor-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2351 Changelog: security
-
GitLab Release Tools Bot authored
Limit the number of tags associated with a CI runner See merge request gitlab-org/security/gitlab!2305
-
Merge branch 'pedropombeiro/328593/14.7-limit-number-of-runner-tags' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2305 Changelog: security
-
GitLab Release Tools Bot authored
GitLab Pages Security Updates for 14.9 See merge request gitlab-org/security/gitlab!2325
-
Merge branch 'security-pages-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2325 Changelog: security
-
GitLab Release Tools Bot authored
Upgrade swagger-ui dependency See merge request gitlab-org/security/gitlab!2338
-
Merge branch 'security-swagger-ui-upgrade-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2338 Changelog: security
-
GitLab Release Tools Bot authored
Modify release link format check to avoid regex if string is too long See merge request gitlab-org/security/gitlab!2244
-
Merge branch 'security-273771-confidential-issue-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2244 Changelog: security
-
GitLab Release Tools Bot authored
Masks variables in error messages See merge request gitlab-org/security/gitlab!2292
-
Merge branch 'security-lm-mask-variables-in-error-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2292 Changelog: security
-
GitLab Release Tools Bot authored
Escape user provided string to prevent XSS See merge request gitlab-org/security/gitlab!2315
-
Merge branch 'security-618-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2315 Changelog: security
-
- Mar 30, 2022
-
-
GitLab Release Tools Bot authored
Monkey patch of RDoc to prevent Ruby segfault See merge request gitlab-org/security/gitlab!2233
-
Merge branch 'security-dblessing_rdoc_puma-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2233 Changelog: security
-
GitLab Release Tools Bot authored
Merge branch 'security-597-project-import-maps-members-created_by_id-users-based-on-source-user-id-14-7' into '14-7-stable-ee' Project import maps members' created_by_id users based on source user ID See merge request gitlab-org/security/gitlab!2239
-
Merge branch 'security-597-project-import-maps-members-created_by_id-users-based-on-source-user-id-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2239 Changelog: security
-
GitLab Release Tools Bot authored
Redact InvalidURIError error messages See merge request gitlab-org/security/gitlab!2297
-
Merge branch 'security-37261-clean-passwords-from-invalid-uri-error-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2297 Changelog: security
-
GitLab Release Tools Bot authored
Fix access for approval rules API See merge request gitlab-org/security/gitlab!2324
-
Merge branch 'security-id-fix-approval-rules-access-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2324 Changelog: security
-
GitLab Release Tools Bot authored
Fix kroki exploit See merge request gitlab-org/security/gitlab!2278
-
Merge branch 'security-comment-dos-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2278 Changelog: security
-
GitLab Release Tools Bot authored
Fix blind SSRF when looking up SSH host keys for mirroring See merge request gitlab-org/security/gitlab!2311
-
Merge branch 'security-354059-detect-host-keys-blind-ssrf-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2311 Changelog: security
-
GitLab Release Tools Bot authored
Escape original content in reference redactor See merge request gitlab-org/security/gitlab!2319
-
Merge branch 'security-fix-reference-redactor-xss-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2319 Changelog: security
-
GitLab Release Tools Bot authored
Security fix for CI/CD analytics visibility See merge request gitlab-org/security/gitlab!2274
-
Merge branch 'security-fix-ci-cd-analytics-visibility-14-7' into '14-7-stable-ee' See merge request gitlab-org/security/gitlab!2274 Changelog: security
-
GitLab Release Tools Bot authored
Latest commit exposed through fork of a private project See merge request gitlab-org/security/gitlab!2272
-
