summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYorick Peterse <yorickpeterse@gmail.com>2019-01-25 12:11:33 +0000
committerYorick Peterse <yorickpeterse@gmail.com>2019-01-25 12:11:33 +0000
commite8ec4b96967cc78597e309f162801b3bb2eabac0 (patch)
tree4b4335892857fd3e18aa92c732ade957885c30b3
parent8808f1d917dc9eea59471386881b96038881c236 (diff)
parent446a1da00e9cee53c91b06763f5b3992c21a7c9f (diff)
downloadgitlab-ce-e8ec4b96967cc78597e309f162801b3bb2eabac0.tar.gz
Merge branch 'security-2780-disable-git-v2-protocol' into 'master'
[master] Disable git v2 protocol temporarily Closes #2780 See merge request gitlab/gitlabhq!2827
-rw-r--r--GITALY_SERVER_VERSION2
-rw-r--r--changelogs/unreleased/security-2780-disable-git-v2-protocol.yml5
-rw-r--r--doc/administration/git_protocol.md7
3 files changed, 13 insertions, 1 deletions
diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION
index cd99d386a8d..63e799cf451 100644
--- a/GITALY_SERVER_VERSION
+++ b/GITALY_SERVER_VERSION
@@ -1 +1 @@
-1.14.0 \ No newline at end of file
+1.14.1
diff --git a/changelogs/unreleased/security-2780-disable-git-v2-protocol.yml b/changelogs/unreleased/security-2780-disable-git-v2-protocol.yml
new file mode 100644
index 00000000000..30a08a98e83
--- /dev/null
+++ b/changelogs/unreleased/security-2780-disable-git-v2-protocol.yml
@@ -0,0 +1,5 @@
+---
+title: Disable git v2 protocol temporarily
+merge_request:
+author:
+type: security
diff --git a/doc/administration/git_protocol.md b/doc/administration/git_protocol.md
index 341a00009e5..11b2adeeeb8 100644
--- a/doc/administration/git_protocol.md
+++ b/doc/administration/git_protocol.md
@@ -5,6 +5,13 @@ description: "Set and configure Git protocol v2"
# Configuring Git Protocol v2
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/46555) in GitLab 11.4.
+> [Temporarily disabled](https://gitlab.com/gitlab-org/gitlab-ce/issues/55769) in GitLab 11.5.8, 11.6.6, 11.7.1, and 11.8+
+
+NOTE: **Note:**
+Git protocol v2 support has been [temporarily disabled](https://gitlab.com/gitlab-org/gitlab-ce/issues/55769),
+as a feature used to hide certain internal references does not function when it
+is enabled, and this has a security impact. Once this problem has been resolved,
+protocol v2 support will be re-enabled.
Git protocol v2 improves the v1 wire protocol in several ways and is
enabled by default in GitLab for HTTP requests. In order to enable SSH,