Commits · v13.6.6-ee · yorickpeterse-staging / GitLab

Feb 01, 2021
- Update VERSION files · 7c0e8a2c
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.6.6-ee v13.6.6-ee
  
  7c0e8a2c
- Update CHANGELOG.md for 13.6.6-ee · bb5bcf99
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  bb5bcf99
- Update CHANGELOG-EE.md for 13.6.6-ee · 84e2eb0b
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  84e2eb0b
- Update Gitaly version to 13.6.6 · e94de7d1
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  e94de7d1
- Merge branch 'security-sanitize-target-branch-13-6' into '13-6-stable-ee' · d6096391
  GitLab Release Tools Bot authored 4 years ago
  
  Sanitize target branch See merge request gitlab-org/security/gitlab!1201
  d6096391
- Merge branch 'security-404-difference-13-6' into '13-6-stable-ee' · 006c7ff1
  GitLab Release Tools Bot authored 4 years ago
  
  Add routes for unmatched url for not-get requests See merge request gitlab-org/security/gitlab!1125
  006c7ff1
- Add routes for unmatched url for not-get requests · 0dae3b94
  mksionek authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  Add changelog entry Fix typo in routes Fix git http spec Fix uploads routing spec Add matchers only to project facing paths Add more specs for new routes Add different shared examples Fix rubocop offence Add failure message to new matcher Add cr remarks Add cr remarks
  0dae3b94
- Merge branch 'security-ssrf-outbound-request-13-6' into '13-6-stable-ee' · 52369578
  GitLab Release Tools Bot authored 4 years ago
  
  Fix DNS rebinding protection for Outbound Requests See merge request gitlab-org/security/gitlab!1193
  52369578
- Merge branch 'security-filter-graphql-logs-13-6' into '13-6-stable-ee' · 015d2e00
  GitLab Release Tools Bot authored 4 years ago
  
  Filter sensitive variables from GraphQL logs See merge request gitlab-org/security/gitlab!1187
  015d2e00
- Merge branch 'security-xss-epic-milestone-13-6' into '13-6-stable-ee' · 750183ba
  GitLab Release Tools Bot authored 4 years ago
  
  Sanitize XSS in Epic milestone due date See merge request gitlab-org/security/gitlab!1161
  750183ba
- Merge branch 'security-fix-leaking-kubernetes-cluster-ip-13-6' into '13-6-stable-ee' · aca3e680
  GitLab Release Tools Bot authored 4 years ago
  
  Remove Kubernetes IP address from errors returned in Threat Monitoring See merge request gitlab-org/security/gitlab!1159
  aca3e680
- Merge branch 'security-guest-can-read-tag-from-releases-13-6' into '13-6-stable-ee' · 96e1b8e7
  GitLab Release Tools Bot authored 4 years ago
  
  Avoid exposing release links when the user cannot read git-tag/repository See merge request gitlab-org/security/gitlab!1169
  96e1b8e7
Jan 27, 2021
- Sanitize target branch · 11071142
  Jacques Erasmus authored 4 years ago
  
  Sanitized the target branch to prevent XSS
  11071142
Jan 25, 2021
- Fix DNS rebinding protection for Outbound Requests · b6e79ca9
  Arturo Herrero authored 4 years ago
  
  This fixes DNS rebinding protection bypass when allowing an IP address in Outbound Requests setting.
  b6e79ca9
Jan 22, 2021
- Filter sensitive variables from GraphQL logs · 126b3209
  Heinrich Lee Yu authored 4 years ago
  
  This uses the same config we setup for config.filter_parameters
  Unverified
  
  126b3209
Jan 14, 2021
- Merge remote-tracking branch 'dev/13-6-stable-ee' into 13-6-stable-ee · 37179885
  GitLab Release Tools Bot authored 4 years ago
  
  37179885
Jan 13, 2021
- Update VERSION files · 9bca4005
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.6.5-ee v13.6.5-ee
  
  9bca4005
- Update CHANGELOG.md for 13.6.5-ee · 3787c002
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  3787c002
- Update CHANGELOG-EE.md for 13.6.5-ee · 62a974e3
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  62a974e3
- Update Gitaly version to 13.6.5 · d7916333
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  d7916333
- Merge branch 'security-deny-implicit-confidential-13-6' into '13-6-stable-ee' · af64925c
  Alessio Caiazza authored 4 years ago
  
  Deny implicit flow for confidential apps See merge request gitlab-org/security/gitlab!1167
  af64925c
- Avoid exposing release links when the user cannot read tag · 43cffa77
  Shinya Maeda authored 4 years ago
  
  This commit fixes the security vulnerability that guest can read git-tag through release links.
  43cffa77
Jan 12, 2021
- Deny implicit flow for confidential apps · 7bf7cda6
  Dominic Couture authored 4 years ago
  
  7bf7cda6
Jan 07, 2021
- Merge remote-tracking branch 'dev/13-6-stable-ee' into 13-6-stable-ee · 4a43c1ba
  GitLab Release Tools Bot authored 4 years ago
  
  4a43c1ba
- Update VERSION files · 5f4e8035
  GitLab Release Tools Bot authored 4 years ago
  
  [merge-train skip]
  View commits for tag v13.6.4-ee v13.6.4-ee
  
  5f4e8035
- Update CHANGELOG.md for 13.6.4-ee · 0d15d583
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  0d15d583
- Update CHANGELOG-EE.md for 13.6.4-ee · 3c84c4e5
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  3c84c4e5
- Update Gitaly version to 13.6.4 · f33d440a
  GitLab Release Tools Bot authored 4 years ago
  
  [ci skip]
  f33d440a
Jan 06, 2021
- Merge branch 'security-workhorse-prometheus-13-6' into '13-6-stable-ee' · c14b4482
  Mayra Cabrera authored 4 years ago
  
  Fix prometheus DoS through Workhorse See merge request gitlab-org/security/gitlab!1145
  c14b4482
- Merge branch 'security-implicit-confidential-13-6' into '13-6-stable-ee' · 54bd4426
  Mayra Cabrera authored 4 years ago
  
  Deny implicit flow for confidential apps See merge request gitlab-org/security/gitlab!1140
  54bd4426
- Merge branch 'security-trusted-confidential-apps-13-6' into '13-6-stable-ee' · bdeb317e
  GitLab Release Tools Bot authored 4 years ago
  
  Set all trusted OAuth apps as confidential See merge request gitlab-org/security/gitlab!1151
  bdeb317e
- Merge branch 'security-package-regex-dos-13-6' into '13-6-stable-ee' · 276c6eb3
  GitLab Release Tools Bot authored 4 years ago
  
  Fix regex backtracking issue in package_name_regex See merge request gitlab-org/security/gitlab!1110
  276c6eb3
- Merge branch 'security-pages-1-30-1' into '13-6-stable-ee' · a9bdef5a
  GitLab Release Tools Bot authored 4 years ago
  
  Fix stealing API token and Prometheus DoS through GitLab Pages See merge request gitlab-org/security/gitlab!1137
  a9bdef5a
- Upgrade GitLab Pages to 1.30.1 · 85cd243f
  vshushlin authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  it includes 2 security fixes
  85cd243f
- Merge branch 'security-nuget-api-regex-dos-13-6' into '13-6-stable-ee' · 9a953894
  GitLab Release Tools Bot authored 4 years ago
  
  Update non-negative integer regex to protect against regex DoS See merge request gitlab-org/security/gitlab!1130
  9a953894
- Update non-negative integer regex to protect against regex DoS · 26a5e3ec
  Vitor Meireles de Sousa authored 4 years ago and GitLab Release Tools Bot committed 4 years ago
  
  26a5e3ec
- Merge branch 'security-id-forbid-public-cache-for-private-repos-13-6' into '13-6-stable-ee' · 31e477e0
  GitLab Release Tools Bot authored 4 years ago
  
  Forbid public cache for private repos See merge request gitlab-org/security/gitlab!1148
  31e477e0
- Sanitize XSS in Epic milestone due date · 4505070c
  Rajat Jain authored 4 years ago
  
  Sanitize XSS in milestone title
  4505070c
Jan 04, 2021
- Remove Kubernetes IP address from errors returned in Threat Monitoring · 1db361ca
  Alan (Maciej) Paruszewski authored 4 years ago
  
  This fix resolves problem with leaked Kubernetes IP address in error messages.
  Unverified
  
  1db361ca
- Upgrade GitLab Workhorse to 8.54.2 · 7f143f53
  Vladimir Shushlin authored 4 years ago and Jacob Vosmaer (GitLab) committed 4 years ago
  
  7f143f53

Admin message

Admin message