diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-01 15:54:58 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-01 15:54:58 +0000 |
| commit | 22f3fab9f647bb1ea6e19330b5ca0e877d7ff344 (patch) | |
| tree | 4fb19e228eb7a518cbd5d32497bddd4cc031ab74 | |
| parent | b3720499932d69dc76318db1960618b0ad6cf6db (diff) | |
| download | gitlab-ce-22f3fab9f647bb1ea6e19330b5ca0e877d7ff344.tar.gz | |
Add latest changes from gitlab-org/security/gitlab@15-10-stable-eev15.10.5
| -rw-r--r-- | CHANGELOG.md | 14 | ||||
| -rw-r--r-- | GITALY_SERVER_VERSION | 2 | ||||
| -rw-r--r-- | GITLAB_PAGES_VERSION | 2 |
3 files changed, 16 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 2fd9c06984b..c82d7270e75 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 15.10.5 (2023-05-01) + +### Security (9 changes) + +- [Set minimum role for importing projects to Maintainer](gitlab-org/security/gitlab@d4cff7e53961d819b30ae748a38e4c8e4d856b32) ([merge request](gitlab-org/security/gitlab!3215)) +- [Commit trailers now only match public user email addresses](gitlab-org/security/gitlab@4948acdb39ba6ae9a71ef133e38ec47327d14f97) ([merge request](gitlab-org/security/gitlab!3208)) +- [Handle invalid URLs in asset proxy](gitlab-org/security/gitlab@b22e923ab3d48d9389311192d92dd89e2bfc24aa) ([merge request](gitlab-org/security/gitlab!3212)) +- [Relay state to check for only allowing sub paths](gitlab-org/security/gitlab@24f84fafd65dfedf36e859d305dd46bf3e71c8dc) ([merge request](gitlab-org/security/gitlab!3220)) +- [Prohibit 40 character hex sets at beginning of path-based branch name](gitlab-org/security/gitlab@71d30b6537f6853fef45acba16ab26b6f32718f7) ([merge request](gitlab-org/security/gitlab!3194)) +- [Add specs for external users flag](gitlab-org/security/gitlab@dfdb540285e573bd55a8647db4de8370ba6b3286) ([merge request](gitlab-org/security/gitlab!3190)) +- [Update policy to prevent banned members from accessing public projects](gitlab-org/security/gitlab@bc211b8be25e56f35c80d2331447f251c7a7dd56) ([merge request](gitlab-org/security/gitlab!3186)) +- [Use dummy filename as filename when viewing raw xml files](gitlab-org/security/gitlab@6d871f56d7a343d705f8c849d24a94b3528c3a97) ([merge request](gitlab-org/security/gitlab!3192)) +- [Authorize access to vulnerabilitiesCountByDay resolver](gitlab-org/security/gitlab@888c187aab7c7062ea43b61a282c4dea8c6a47be) ([merge request](gitlab-org/security/gitlab!3180)) + ## 15.10.4 (2023-04-21) ### Fixed (1 change) diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 597ea7a6e31..3c46dc56587 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -15.10.4
\ No newline at end of file +15.10.5
\ No newline at end of file diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index 597ea7a6e31..3c46dc56587 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -15.10.4
\ No newline at end of file +15.10.5
\ No newline at end of file |