Merge branch 'security-64519-circular-graphql-queries-12-2' into '12-2-stable'

Nested GraphQL query with circular relationship can cause Denial of Service See merge request gitlab/gitlabhq!3385
author: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-10-24 18:54:10 +0000
committer: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-10-24 18:54:10 +0000
commit: 64c028b6f886ada11ac695875fdbe48ac98e1d96 (patch)
tree: c78df828be3bee3475c4e114c8f4c671ba5ca105 /changelogs/unreleased/security-64519-nested-graphql-query-can-cause-denial-of-service.yml
parent: 97dfa40ae21b9155e942fabf7a1d2457176d0f48 (diff)
parent: 6a836620037c9392dfe4c20306f6522d3e043dfd (diff)
download: gitlab-ce-64c028b6f886ada11ac695875fdbe48ac98e1d96.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-64519-nested-graphql-query-can-cause-denial-of-service.yml b/changelogs/unreleased/security-64519-nested-graphql-query-can-cause-denial-of-service.yml
new file mode 100644
index 00000000000..5ce37b0d032
--- /dev/null
+++ b/changelogs/unreleased/security-64519-nested-graphql-query-can-cause-denial-of-service.yml
@@ -0,0 +1,5 @@
+---
+title: Analyze incoming GraphQL queries and check for recursion
+merge_request:
+author:
+type: security
author	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-10-24 18:54:10 +0000
committer	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-10-24 18:54:10 +0000
commit	64c028b6f886ada11ac695875fdbe48ac98e1d96 (patch)
tree	c78df828be3bee3475c4e114c8f4c671ba5ca105 /changelogs/unreleased/security-64519-nested-graphql-query-can-cause-denial-of-service.yml
parent	97dfa40ae21b9155e942fabf7a1d2457176d0f48 (diff)
parent	6a836620037c9392dfe4c20306f6522d3e043dfd (diff)
download	gitlab-ce-64c028b6f886ada11ac695875fdbe48ac98e1d96.tar.gz