diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-13 12:45:07 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-13 12:45:07 +0300 |
commit | ae6a184699ab16dd5f12ca5c12336c8b0e75d802 (patch) | |
tree | ca9d54e9b0941d940bfc1511f2884ff8d1a0ff4e | |
parent | 228478c7257f59dd43b30622f7a56a77c3355127 (diff) |
Add latest changes from gitlab-org/security/gitlab@16-5-stable-eev16.5.4
-rw-r--r-- | CHANGELOG.md | 17 | ||||
-rw-r--r-- | GITALY_SERVER_VERSION | 2 | ||||
-rw-r--r-- | GITLAB_PAGES_VERSION | 2 |
3 files changed, 19 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 578d3322325..16348bdb2c4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,23 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 16.5.4 (2023-12-13) + +### Fixed (1 change) + +- [Truncate verification failure message to 255](gitlab-org/security/gitlab@640f8fa1b9ac91767b25992be646b8369fe41e09) **GitLab Enterprise Edition** + +### Security (8 changes) + +- [Prevent tag names starting with SHA-1 and SHA-256 values](gitlab-org/security/gitlab@2a67d2efe432eeb1264ffe3dd5e0625c364d3d4b) ([merge request](gitlab-org/security/gitlab!3747)) +- [Pass encoded file paths to router](gitlab-org/security/gitlab@7299f46a651db01f451694bf7b801ae8af672592) ([merge request](gitlab-org/security/gitlab!3736)) +- [Validate access level of user while rotating token](gitlab-org/security/gitlab@4a1ca1e3f95d858966ef1f985925c57f70923e17) ([merge request](gitlab-org/security/gitlab!3751)) +- [Fix large time_spent value causing GraphQL error `Integer out of bounds`](gitlab-org/security/gitlab@a87f5d04de526fbed7ecbf6ed8d44db356076826) ([merge request](gitlab-org/security/gitlab!3744)) +- [Restrict Protected branch access via group to direct members](gitlab-org/security/gitlab@22fd1a0d19f49c761fb20f80c326fa8658c962f7) ([merge request](gitlab-org/security/gitlab!3727)) +- [Remove the ability to fork and create MR for auditors](gitlab-org/security/gitlab@1a9d9490b3cf0e91321a90333d3f79ed275df4c0) ([merge request](gitlab-org/security/gitlab!3739)) +- [Restrict passing variables on the pipeline schedule API](gitlab-org/security/gitlab@eeb86c57a3b09b04659cb3d1300e396bdd51db58) ([merge request](gitlab-org/security/gitlab!3724)) +- [Smartcard auth: encrypt client cert in params](gitlab-org/security/gitlab@4ca907081651de95bcb392ee2ca2626dd7679f36) ([merge request](gitlab-org/security/gitlab!3730)) + ## 16.5.3 (2023-11-30) ### Security (11 changes) diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 2f1a3fc6b30..5a9df4b7041 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -16.5.3
\ No newline at end of file +16.5.4
\ No newline at end of file diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index 2f1a3fc6b30..5a9df4b7041 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -16.5.3
\ No newline at end of file +16.5.4
\ No newline at end of file |