Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/changelogs
AgeCommit message (Collapse)Author
2019-01-29Update CHANGELOG.md for 11.6.6GitLab Release Tools Bot
[ci skip]
2019-01-25Merge branch 'security-11-6-22076-sanitize-url-in-names' into 'security-11-6'Yorick Peterse
[11.6] Sanitize user full name to clean up any URL to prevent mail clients from auto-linking URLs See merge request gitlab/gitlabhq!2829 (cherry picked from commit 7dd747b8ce1f59672c530af25237bdf661cb480a) 61fc453c Add `sanitize_name` helper to sanitize URLs in user full name e5cd214e Use `sanitize_name` to sanitize URL in user full name 1b000d5a Add changelog entry
2019-01-25Merge branch 'security-project-move-users-11-6' into 'security-11-6'Yorick Peterse
[11.6] Sent notification only to authorized users See merge request gitlab/gitlabhq!2857 (cherry picked from commit 4152329ce44bbc7567a1c7b03d5bf9e84bb1efc7) fb0fd18c Sent notification only to authorized users
2019-01-25Merge branch '11-6-security-stored-xss-via-katex' into 'security-11-6'Yorick Peterse
[11.6] Resolve "[Security] Stored XSS via KaTeX" See merge request gitlab/gitlabhq!2755 (cherry picked from commit f79ff59ee1e21a5dbff19b86c5d5af16b62ac894) 024098db 11.6 backport of fix for XSS in KaTex Links 37b798d7 Merge branch 'security-11-6' of https://dev.gitlab.org/gitlab/gitlabhq into...
2019-01-25Merge branch 'security-2780-disable-git-v2-protocol-11-6' into 'security-11-6'Yorick Peterse
[11.6] Disable git v2 protocol temporarily See merge request gitlab/gitlabhq!2860 (cherry picked from commit 5c80952f99aea931d53ac58b6068e1eabd8b6295) d7d7bc0d Allow Gitaly to be built from a custom URL c478d134 Disable git v2 protocol temporarily
2019-01-24Merge branch 'sh-fix-issue-56663-11-6' into 'security-11-6'Yorick Peterse
[11.6] Alias GitHub and BitBucket OAuth2 callback URLs See merge request gitlab/gitlabhq!2846 (cherry picked from commit f8a23d89e6f94a74b2779b3b215c475a39ba8de3) f652a9e0 Alias GitHub and BitBucket OAuth2 callback URLs
2019-01-24Merge branch 'security-fix-user-email-tag-push-leak-11-6' into 'security-11-6'Yorick Peterse
[11.6] Security fix user email tag push leak See merge request gitlab/gitlabhq!2808 (cherry picked from commit 7260e6e0c2ad3df7dea2c0bd5c0d91c4bc5b15ae) 589c57c7 Prefer build() rather than create() 63d13410 Fix private user email being visible in tag webhooks
2019-01-24Merge branch 'security-import-path-logging-11-6' into 'security-11-6'Yorick Peterse
[11.6] Fix error disclosure on Project Import See merge request gitlab/gitlabhq!2733 (cherry picked from commit b4797537a586bce6a96580a0257f59f9c6a92c14) f470ad2f Fix path disclosure on Project Import
2019-01-24Merge branch 'security-contributed-projects-11-6' into 'security-11-6'Yorick Peterse
[11.6] Contributed projects info is still visible even user enable private profile See merge request gitlab/gitlabhq!2765 (cherry picked from commit dfc0edd52628ba86578f1b6645575049b9db1058) 7502af85 Fix contributed projects finder shown private info 06aadabb Use old spec syntax
2019-01-24Merge branch 'security-import-project-visibility-11-6' into 'security-11-6'Yorick Peterse
[11.6] Fix Imported Project Retains Prior Visibility Setting See merge request gitlab/gitlabhq!2853 (cherry picked from commit 348a5dbc905cac1d61158e9fb83b82185a27cb04) aaca3d2b Fix tree restorer visibility level 1d942ad1 Update schema file
2019-01-24Merge branch 'security-11-6-2769-idn-homograph-attack' into '11-6-stable'Yorick Peterse
[11.6] GitLab vulnerable to IDN homograph attacks and RTLO attacks See merge request gitlab/gitlabhq!2822
2019-01-24Merge branch 'security-pipeline-trigger-tokens-exposure-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] Do not expose trigger token when user should not see it See merge request gitlab/gitlabhq!2759 (cherry picked from commit 33fbd62b9b4a73679a9f3cd1d9020e5dc6e9072d) 64a328be Do not expose trigger token when user should not see it
2019-01-24Merge branch 'security-fix-regex-dos-11-6' into 'security-11-6'Yorick Peterse
[11.6] Fix DoS in reference extraction regexes See merge request gitlab/gitlabhq!2778 (cherry picked from commit 06f1ea1f540b62aefbaa4f69901de2d29df11e7c) e73f2f1d Fix slow project reference pattern regex
2019-01-24Merge branch 'security-do-not-process-mr-ref-for-guests-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] Don't process MR refs for guests in the notes See merge request gitlab/gitlabhq!2782 (cherry picked from commit ee0f107791921dec7a6e3d43fe45ebef43d864be) 6e10237d Don't process MR refs for guests in the notes
2019-01-24Merge branch 'security-bump-rails-version-11-6' into 'security-11-6'Yorick Peterse
[11.6] Bump Rails version to 5.0.7.1 See merge request gitlab/gitlabhq!2797 (cherry picked from commit 3a5dd09effda664888b25c935142b5c8fc23c304) f705c816 Bump Ruby on Rails version to 5.0.7.1
2019-01-24Merge branch ↵Yorick Peterse
'security-fix-wiki-access-rights-with-external-wiki-enabled-11-6' into 'security-11-6' [11.6] Fix access to internal wiki when external wiki is enabled See merge request gitlab/gitlabhq!2801 (cherry picked from commit 1edd23f18210a03ab3e1f6925aa4e434f68cee79) 24a48893 Fixed bug when external wiki is enabled
2019-01-24Merge branch 'security-11-6-test-permissions' into 'security-11-6'Yorick Peterse
[11.6] Pipelines section is available to unauthorized users See merge request gitlab/gitlabhq!2805 (cherry picked from commit 6f6e0e2ba7e8e2afe38e2d57883a8dfda0685d86) e5c0b597 Backport security fix 181c74a1 Add CHANGELONG entry
2019-01-24Merge branch 'security-fix-new-issues-login-message-11-6' into 'security-11-6'Yorick Peterse
[11.6] Use common error for not logged in users when creating issues See merge request gitlab/gitlabhq!2812 (cherry picked from commit fe692173d2da5df4646050725359bc7fd1c99f4e) a2dba33c Use common error for unauthenticated users
2019-01-24Merge branch 'security-guests-can-see-list-of-merge-requests-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] Group Guests are no longer able to see merge requests See merge request gitlab/gitlabhq!2815 (cherry picked from commit a662cfdb80a9d7fe6eacbc1a40fb24b5a7b9272e) f7a2dabd Group Guests are no longer able to see merge requests
2019-01-24Merge branch 'security-fix-lfs-import-project-ssrf-forgery-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] LFS object forgery in project import See merge request gitlab/gitlabhq!2818 (cherry picked from commit 6402c62822692b924ee95234cbcc2578501236f9) bb635c64 Added validations to prevent LFS object forgery
2019-01-24Merge branch 'security-2779-fix-email-comment-permissions-check-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] Fix discussion replies permissions check See merge request gitlab/gitlabhq!2825 (cherry picked from commit 367767766d9727101908a1f195120732d72201b1) 313a9f2e Prevent comments by email when issue is locked
2019-01-24Merge branch 'security-extract-pages-with-rubyzip-dev-11-6' into 'security-11-6'Yorick Peterse
[11.6] Security extract pages with rubyzip See merge request gitlab/gitlabhq!2834 (cherry picked from commit a55b637dea3b526ad48bd9a27352c5d7ca2d54db) 57be1a57 Extract GitLab Pages using RubyZip eeeafb9b Fix Gemfile.rails4.lock
2019-01-24Merge branch 'security-11-6-commit-status-shown-for-guest-user' into ↵Yorick Peterse
'security-11-6' [11.6] Stop showing ci for guest users See merge request gitlab/gitlabhq!2836 (cherry picked from commit 6390008e01ddfbbcff3b0f16f88bdd38bfcaf0ed) 75ec9ba8 Stop showing ci for guest users
2019-01-24Merge branch 'security-2776-fix-add-reaction-permissions-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] Revoke award_emoji permissions for confidential issues See merge request gitlab/gitlabhq!2850 (cherry picked from commit f645472619fe1e1ec4fdaa02010408d548287efb) 47d86827 Prevent award_emoji to notes not visible to user
2019-01-24Merge branch 'security-2767-verify-lfs-finalize-from-workhorse-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] Verify that LFS upload requests are genuine See merge request gitlab/gitlabhq!2863 (cherry picked from commit 6154e199fee175685e24a5b0b0d57f5971b1ed08) edb61807 Verify that LFS upload requests are genuine
2019-01-21Show tooltip for malicious looking linksBrett Walker
Such as those with IDN homographs or embedded right-to-left (RTLO) characters. Autolinked hrefs should be escaped
2019-01-17Update CHANGELOG.md for 11.6.5GitLab Release Tools Bot
[ci skip]
2019-01-16Merge branch 'sh-fix-gon-helper-avatar' into 'master'Rémy Coutable
Fix no avatar not showing in user selection box Closes #56268 See merge request gitlab-org/gitlab-ce!24346 (cherry picked from commit 8285205815ccdb25238fcae1c1e91063a46f19b0) 2265ce34 Fix no avatar not showing in user selection box
2019-01-16Merge branch 'sh-fix-request-profiles-html' into 'master'Sean McGivern
Fix requests profiler in admin page not rendering HTML properly Closes #56152 See merge request gitlab-org/gitlab-ce!24291 (cherry picked from commit 59c0c173b471d50007442c95464df0cac0030fc6) 4ac4ba26 Fix requests profiler in admin page not rendering HTML properly
2019-01-16Merge branch 'sh-fix-real-size-warnings' into 'master'Robert Speicher
Fix broken templated "Too many changes to show" text Closes #56138 See merge request gitlab-org/gitlab-ce!24282 (cherry picked from commit 819de8e8084e1b0cc102664abb8bbc836ff99ede) 488d7d1f Fix broken templated "Too many changes to show" text
2019-01-16Merge branch '55945-suggested-change-highlight' into 'master'Phil Hughes
Add syntax highlighting to suggestion diff Closes #55945 See merge request gitlab-org/gitlab-ce!24156 (cherry picked from commit da3b20f7a4cbcbf1698b995f6dc69fa388bc5b2f) 2635f2c6 Add syntax highlighting to suggestion diff e3919efd Add unit test for syntax highlighting 95f2d284 Add changelog entry
2019-01-16Merge branch 'suggestion-dashes' into 'master'Kushal Pandya
Fixes diff sugestions removing dashes from diff Closes #55634 See merge request gitlab-org/gitlab-ce!23994 (cherry picked from commit 32f80629bdbd4d2fcd43b6220da373394ffd95b6) e6f1209e Fixes diff sugestions removing dashes from diff
2019-01-15Update CHANGELOG.md for 11.6.4GitLab Release Tools Bot
[ci skip]
2019-01-15Merge branch 'security-2770-verify-bundle-import-files-11-6' into ↵Yorick Peterse
'security-11-6' [11.6] Validate bundle files before unpacking them See merge request gitlab/gitlabhq!2774 (cherry picked from commit ad73bf817253ec4fc3fae8c7fb60898f11922218) 5f2fe991 Validate bundle files before unpacking them
2019-01-05Update CHANGELOG.md for 11.6.3GitLab Release Tools Bot
[ci skip]
2019-01-04Merge branch 'sh-fix-clone-url-for-https' into 'master'Douglas Barbosa Alexandre
Fix clone URL not showing if protocol is HTTPS Closes #55896 See merge request gitlab-org/gitlab-ce!24131 (cherry picked from commit 64c582d1841a35193c684a707b9688feb2d21772) 913084e6 Fix clone URL not showing if protocol is HTTPS
2019-01-03Update CHANGELOG.md for 11.6.2GitLab Release Tools Bot
[ci skip]
2019-01-02Merge branch 'fj-55781-fix-api-blob-content-disposition' into 'master'Sean McGivern
Fixed content-disposition in blob and files API endpoint Closes #55781 See merge request gitlab-org/gitlab-ce!24078 (cherry picked from commit ca14b70d5201852751d79d6a0827b81689fff5be) 2cd47bba Fixed api content-disposition in blob and files endpoint
2019-01-02Merge branch 'sh-fix-clone-geo-dropdown' into 'master'Stan Hu
Fix clone dropdown parent inheritance issues in HAML See merge request gitlab-org/gitlab-ce!24029 (cherry picked from commit 68e312b20d7fa16ec924be7a7d10fc67ee0c4292) 9e3f9f75 Fix clone dropdown parent inheritance issues in HAML 70d155e8 Add changelog entry
2019-01-02Merge branch 'sh-fix-http-clone-panel' into 'master'Kushal Pandya
Fix missing Git clone button when protocol restriction setting enabled Closes #55676 See merge request gitlab-org/gitlab-ce!24015 (cherry picked from commit f044679c96251c82de310219a48cb7814dfe5143) 4a8b4d8a Fix missing Git clone button when protocol restriction setting enabled f50ee65b Add spec for HTTP/SSH clone panel 91b0754d Fix HTTP/SSH clone panel for mobile 29adade5 Fix and move specs into admin_disables_git_access_protocol_spec.rb
2019-01-02Merge branch 'markdown-toolbar-btn-fix' into 'master'Filipa Lacerda
Fixes the markdown toolbar buttons Closes #55618 See merge request gitlab-org/gitlab-ce!23979 (cherry picked from commit 82772caf727e3ea59513ffff6693bab1ee37b53f) 3019a567 Fixes the markdown toolbar buttons
2019-01-02Merge branch ↵Stan Hu
'54953-fix-commit_email_hostname-accessor-in-fake_application_settings' into 'master' Add FakeApplicationSettings#commit_email_hostname Closes #54953 See merge request gitlab-org/gitlab-ce!23939 (cherry picked from commit 2a9ba34dde0058c94caa696b2be1e53687faf0d0) ecb847fd Add FakeApplicationSettings#commit_email_hostname
2019-01-02Merge branch '55103-hide-group-cluster-features' into 'master'Kushal Pandya
Resolve "Hide cluster features that don't work yet with Group Clusters" Closes #55103 See merge request gitlab-org/gitlab-ce!23935 (cherry picked from commit a91138baaba93b72c3b487d38e11299e99d2071e) 4ed4a640 Expose environment's cluster type 55bfea0a Disable terminal button for group clusters bfbea9b8 Use constants for cluster_type b1fb15f8 Fix formatting e9c4f190 Add CHANGELOG.md entry for gitlab-ce!23935 0d608a7b Add test for environment_terminal_button e18fb5b3 Memoize call for EnvironmentEntity#cluster_type a45fb5d6 Moves memoization to Environment
2019-01-02Merge branch '51668-fix-line-numbers' into 'master'Mike Greiling
Fix line-height of line numbers Closes #55278 and #51668 See merge request gitlab-org/gitlab-ce!23775 (cherry picked from commit ed3f0100c3f5c71e3370bcbbf1687a627f4ecc1d) c21df376 Adjust line height of blame view line numbers
2018-12-28Update CHANGELOG.md for 11.6.1GitLab Release Tools Bot
[ci skip]
2018-12-27Merge branch 'security-11-6' of dev.gitlab.org:gitlab/gitlabhq into 11-6-stableJohn Jarvis
2018-12-27Merge branch 'security-fix/security-group-user-removal-11-6' into ↵John Jarvis
'security-11-6' [11.6] Resolve "Removing a user from a private group doesn't remove them from group's project, if their project's role was changed" See merge request gitlab/gitlabhq!2716
2018-12-27Merge branch 'security-import-symlink-11-6' into 'security-11-6'John Jarvis
[11.6] Persistent Symlink in Project Import See merge request gitlab/gitlabhq!2728
2018-12-27Merge remote-tracking branch 'origin/security-48259-private-snippet-11-6' ↵John Jarvis
into security-11-6
2018-12-27Merge branch 'security-11-6' into ↵James Lopez
'security-fix/security-group-user-removal-11-6' # Conflicts: # app/services/members/destroy_service.rb
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-09 19:21:34 +0300