| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-01-02 | Update VERSION to 12.5.6v12.5.6 | GitLab Release Tools Bot | |
| 2020-01-02 | Update CHANGELOG.md for 12.5.6 | GitLab Release Tools Bot | |
| [ci skip] | |||
| 2019-12-31 | Add latest changes from gitlab-org/security/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-12-16 | Update VERSION to 12.5.5v12.5.5 | John T Skarbek | |
| 2019-12-16 | Update CHANGELOG.md for 12.5.5 | John T Skarbek | |
| [ci skip] | |||
| 2019-12-16 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-12-16 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-12-16 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-12-10 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-12-10 | Merge remote-tracking branch 'dev/12-5-stable' into 12-5-stable | GitLab Release Tools Bot | |
| 2019-12-09 | Update VERSION to 12.5.4v12.5.4 | GitLab Release Tools Bot | |
| 2019-12-09 | Update CHANGELOG.md for 12.5.4 | GitLab Release Tools Bot | |
| [ci skip] | |||
| 2019-12-09 | Merge branch 'security-37766-transfer-group-reindex-ce-12-5' into '12-5-stable' | Alessio Caiazza | |
| Trigger Elasticsearch indexing when public group moved to private See merge request gitlab/gitlabhq!3577 | |||
| 2019-12-06 | Trigger Elasticsearch indexing when public group moved to private | Dylan Griffith | |
| This fixes https://gitlab.com/gitlab-org/gitlab/issues/37766 which is caused by the fact that we leave the stale permissions data in the index after a group is moved to another group. | |||
| 2019-12-05 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-12-03 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-12-03 | Update VERSION to 12.5.3v12.5.3 | GitLab Release Tools Bot | |
| 2019-12-03 | Update CHANGELOG.md for 12.5.3 | GitLab Release Tools Bot | |
| [ci skip] | |||
| 2019-12-03 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-11-27 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-11-27 | Merge remote-tracking branch 'dev/12-5-stable' into 12-5-stable | GitLab Release Tools Bot | |
| 2019-11-27 | Update VERSION to 12.5.2v12.5.2 | GitLab Release Tools Bot | |
| 2019-11-27 | Update CHANGELOG.md for 12.5.2 | GitLab Release Tools Bot | |
| [ci skip] | |||
| 2019-11-27 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-11-27 | Merge remote-tracking branch 'dev/12-5-stable' into 12-5-stable | GitLab Release Tools Bot | |
| 2019-11-26 | Merge branch 'security-dos-issue-and-commit-comments-12-5' into '12-5-stable' | GitLab Release Tools Bot | |
| Fix invalid byte sequence See merge request gitlab/gitlabhq!3547 | |||
| 2019-11-26 | Update VERSION to 12.5.1v12.5.1 | GitLab Release Tools Bot | |
| 2019-11-26 | Update CHANGELOG.md for 12.5.1 | GitLab Release Tools Bot | |
| [ci skip] | |||
| 2019-11-26 | Merge branch 'security-29660-update-dependencies-12-5' into '12-5-stable' | GitLab Release Tools Bot | |
| Update Workhorse and Gitaly to fix a security issue See merge request gitlab/gitlabhq!3531 | |||
| 2019-11-26 | Merge branch 'security-aws-secret-key-2937-ce-12-5' into '12-5-stable' | GitLab Release Tools Bot | |
| Hide AWS secret on Admin Integration page See merge request gitlab/gitlabhq!3532 | |||
| 2019-11-26 | Hide AWS secret on Admin Integration page | Justin Ho Tuan Duong | |
| 2019-11-26 | Merge branch 'security-ag-cycle-analytics-guest-permissions-12-5' into ↵ | GitLab Release Tools Bot | |
| '12-5-stable' Prevent guests from seeing commits for cycle analytics See merge request gitlab/gitlabhq!3534 | |||
| 2019-11-26 | Merge branch 'security-filter-related-branches-from-activity-feed-12.5' into ↵ | GitLab Release Tools Bot | |
| '12-5-stable' Related Branches Visible to Guests in Issue Activity See merge request gitlab/gitlabhq!3538 | |||
| 2019-11-26 | Merge branch 'security-2943-encrypt-plaintext-tokens-12-5' into '12-5-stable' | GitLab Release Tools Bot | |
| GitLab stores AWS, Slack, Askimet, reCaptcha tokens in plaintext See merge request gitlab/gitlabhq!3543 | |||
| 2019-11-26 | Merge branch 'security-dns-rebind-ssrf-in-slack-notifications-12-5-ce' into ↵ | GitLab Release Tools Bot | |
| '12-5-stable' Use Gitlab::HTTP for all chat notifications See merge request gitlab/gitlabhq!3544 | |||
| 2019-11-26 | Merge branch 'security-33712-ce-12-5' into '12-5-stable' | GitLab Release Tools Bot | |
| Fix private comment Elasticsearch leak See merge request gitlab/gitlabhq!3546 | |||
| 2019-11-26 | Merge branch 'security-fix-xss-in-label-namespace-12-5' into '12-5-stable' | GitLab Release Tools Bot | |
| Escape namespace in label references See merge request gitlab/gitlabhq!3550 | |||
| 2019-11-26 | Merge branch 'security-28802-respect-fork-parent-visibility-12-5' into ↵ | GitLab Release Tools Bot | |
| '12-5-stable' Check permissions before showing a forked project's source See merge request gitlab/gitlabhq!3555 | |||
| 2019-11-26 | Merge branch 'security-exclude_ids_attribute_cleaning-12-5-ce' into ↵ | GitLab Release Tools Bot | |
| '12-5-stable' Ensure attributes that end in `_ids` are cleaned See merge request gitlab/gitlabhq!3558 | |||
| 2019-11-26 | Spec to ensure `_ids` are cleaned by ImportExport::AttributeCleaner | Imre Farkas | |
| 2019-11-26 | Ensure attributes that end in `_ids` are cleaned | DJ Mountney | |
| This prevents an issue where you can steal other projects objects by asking for ids that don't belong to you in import. | |||
| 2019-11-25 | Check permissions before showing a forked project's source | Nick Thomas | |
| 2019-11-25 | Encrypt application settings with pre and post deployments | Arturo Herrero | |
| We had concerns about the cached values on Redis with the previous two releases strategy: First release (this commit): - Create new encrypted fields in the database. - Start populating new encrypted fields, read the encrypted fields or fallback to the plaintext fields. - Backfill the data removing the plaintext fields to the encrypted fields. Second release: - Remove the virtual attribute (created in step 2). - Drop plaintext columns from the database (empty columns after step 3). We end up with a better strategy only using migration scripts in one release: - Pre-deployment migration: Add columns required for storing encrypted values. - Pre-deployment migration: Store the encrypted values in the new columns. - Post-deployment migration: Remove the old unencrypted columns | |||
| 2019-11-25 | Escape namespace in label references | Heinrich Lee Yu | |
| When referencing cross-namespace labels, we append the namespace name to the rendered label. This MR escapes the name to prevent XSS attacks. | |||
| 2019-11-22 | Add latest changes from gitlab-org/gitlab@12-5-stable-ee | GitLab Bot | |
| 2019-11-22 | Fix invalid byte sequence | Patrick Derichs | |
| 2019-11-22 | Add search_helpers changes from security-33712 | Dylan Griffith | |
| 2019-11-22 | Fix group created from other test from polluting | Mark Chao | |
| 2019-11-22 | Test admin for search accessibility | Mark Chao | |
| Disabled features are ignored as they are grey areas | |||
| 2019-11-22 | Internalize private project minimum access level | Mark Chao | |
| Some feature allows GUEST to access only if project is not private. This method returns access level when targeting private projects. | |||
Welcome to mirror list, hosted at ThFree Co, Russian Federation.
 |
index : gitlab.com/gitlab-org/gitlab-foss.git | |
| Unnamed repository; edit this file 'description' to name the repository. | root |
| summaryrefslogtreecommitdiff |