Commit message (Expand) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq | Steve Azzopardi | 2018-11-29 | 1 | -0/+92 |
|\ | |||||
| * | Merge branch 'security-email-change-notification' into 'master' | Cindy Pallares | 2018-11-28 | 5 | -0/+32 |
| |\ | |||||
| | * | Provide email notification on email updates | James Lopez | 2018-11-12 | 5 | -0/+32 |
| * | | Merge branch 'security-fix-uri-xss-applications' into 'master' | Cindy Pallares | 2018-11-28 | 7 | -2/+121 |
| |\ \ | |||||
| | * \ | Merge branch 'master' into 'security-fix-uri-xss-applications' | James Lopez | 2018-11-02 | 1091 | -8369/+16763 |
| | |\ \ | |||||
| | * | | | Resolve reflected XSS in Ouath authorize window | James Lopez | 2018-10-29 | 8 | -3/+122 |
| * | | | | Merge branch 'security-fj-crlf-injection' into 'master' | Cindy Pallares | 2018-11-28 | 5 | -54/+128 |
| |\ \ \ \ | |||||
| | * | | | | [master] Fix CRLF issue in UrlValidator | Francisco Javier López | 2018-11-28 | 5 | -54/+128 |
| |/ / / / | |||||
| * | | | | Merge branch 'security-fix-pat-web-access' into 'master' | Cindy Pallares | 2018-11-28 | 28 | -281/+538 |
| |\ \ \ \ | |||||
| | * | | | | Update code to use API scope on PAT auth | James Lopez | 2018-11-23 | 28 | -281/+538 |
| * | | | | | Merge branch 'security-guest-comments' into 'master' | Cindy Pallares | 2018-11-28 | 13 | -34/+187 |
| |\ \ \ \ \ | |||||
| | * | | | | | [master]Fixed ability to comment on and edit/delete comments on locked or con... | Chantal Rollison | 2018-11-28 | 13 | -34/+187 |
| |/ / / / / | |||||
| * | | | | | Merge branch 'security-pages-toctou-race' into 'master' | Cindy Pallares | 2018-11-28 | 2 | -1/+7 |
| |\ \ \ \ \ | |||||
| | * | | | | | Upgrade GitLab Pages to v1.3.1 | Alessio Caiazza | 2018-11-21 | 2 | -1/+7 |
| * | | | | | | Merge branch 'security-xss-in-markdown-following-unrecognized-html-element' i... | Cindy Pallares | 2018-11-28 | 5 | -2/+25 |
| |\ \ \ \ \ \ | |||||
| | * | | | | | | Sanitize output of SpacedLinkFilter | Brett Walker | 2018-11-16 | 5 | -2/+25 |
| * | | | | | | | Merge branch 'security-mermaid-xss' into 'master' | Cindy Pallares | 2018-11-28 | 4 | -1/+21 |
| |\ \ \ \ \ \ \ | |||||
| | * | | | | | | | [master] Fix XSS in mermaid diagrams | Winnie Hellmann | 2018-11-28 | 4 | -1/+21 |
| |/ / / / / / / | |||||
| * | | | | | | | Merge branch 'security-bvl-exposure-in-commits-list' into 'master' | Cindy Pallares | 2018-11-28 | 3 | -55/+67 |
| |\ \ \ \ \ \ \ | |||||
| | * | | | | | | | Don't use fragment cache on commit page | Bob Van Landuyt | 2018-11-19 | 3 | -55/+67 |
| * | | | | | | | | Merge branch 'security-issue_51301' into 'master' | Cindy Pallares | 2018-11-28 | 6 | -12/+96 |
| |\ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | Fix milestone promotion authorization | Felipe Artur | 2018-11-14 | 6 | -12/+96 |
| * | | | | | | | | | Merge branch 'security-2736-prometheus-ssrf' into 'master' | Cindy Pallares | 2018-11-28 | 4 | -3/+25 |
| |\ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | Changelog entry for prometheus ssrf fix | rpereira2 | 2018-11-13 | 1 | -0/+5 |
| | * | | | | | | | | | Fix rubocop missing whitespace warnings | rpereira2 | 2018-11-13 | 1 | -2/+2 |
| | * | | | | | | | | | No redirects in prometheus service | rpereira2 | 2018-11-13 | 3 | -3/+20 |
| * | | | | | | | | | | Merge branch 'security-stored-xss-for-environments' into 'master' | Cindy Pallares | 2018-11-28 | 6 | -5/+66 |
| |\ \ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | | Cleanup stored XSS from environments table | Alessio Caiazza | 2018-11-21 | 2 | -0/+46 |
| | * | | | | | | | | | | Validate URI scheme also for internal URI | Alessio Caiazza | 2018-11-21 | 4 | -5/+20 |
| | | |_|_|_|/ / / / / | | |/| | | | | | | | | |||||
| * | | | | | | | | | | Merge branch 'security-private-group' into 'master' | Cindy Pallares | 2018-11-28 | 3 | -0/+26 |
| |\ \ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | | Fixed read private group names | Chantal Rollison | 2018-11-12 | 3 | -0/+26 |
| * | | | | | | | | | | | Merge branch 'security-182-update-workhorse' into 'master' | Cindy Pallares | 2018-11-28 | 3 | -1/+9 |
| |\ \ \ \ \ \ \ \ \ \ \ | |||||
| | * | | | | | | | | | | | Redact sensitive information on workhorse log | Mark Chao | 2018-11-23 | 3 | -1/+9 |
| * | | | | | | | | | | | | Update CHANGELOG.md for 11.4.8 | GitLab Release Tools Bot | 2018-11-27 | 1 | -0/+30 |
| * | | | | | | | | | | | | Update CHANGELOG.md for 11.3.11 | GitLab Release Tools Bot | 2018-11-26 | 1 | -0/+39 |
| * | | | | | | | | | | | | Update CHANGELOG.md for 11.5.1 | GitLab Release Tools Bot | 2018-11-26 | 1 | -0/+23 |
* | | | | | | | | | | | | | Merge branch 'restore-ssh-host-keys' into 'master' | Evan Read | 2018-11-29 | 1 | -0/+2 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | Add clarification on Host Keys | Davin Walker | 2018-11-28 | 1 | -0/+2 |
* | | | | | | | | | | | | | | Merge branch 'sh-bump-gitlab-shell-8.4.3' into 'master' | Stan Hu | 2018-11-29 | 1 | -1/+1 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | Bump gitlab-shell to 8.4.3 | Stan Hu | 2018-11-28 | 1 | -1/+1 |
* | | | | | | | | | | | | | | | Merge branch 'doc-for-knative-ip-address' into 'master' | Evan Read | 2018-11-29 | 1 | -8/+5 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | | Update Knative IP address docs | Dylan Griffith | 2018-11-28 | 1 | -8/+5 |
* | | | | | | | | | | | | | | | | Merge branch 'security-11-5-fix-webhook-ssrf-ipv6' into 'security-11-5' | Steve Azzopardi | 2018-11-28 | 3 | -13/+112 |
* | | | | | | | | | | | | | | | | Merge branch 'security-email-change-notification' into 'master' | Cindy Pallares | 2018-11-28 | 5 | -0/+32 |
* | | | | | | | | | | | | | | | | Merge branch 'security-fix-uri-xss-applications' into 'master' | Cindy Pallares | 2018-11-28 | 7 | -2/+121 |
* | | | | | | | | | | | | | | | | Merge branch 'security-fj-crlf-injection' into 'master' | Cindy Pallares | 2018-11-28 | 5 | -54/+128 |
* | | | | | | | | | | | | | | | | Merge branch 'security-fix-pat-web-access' into 'master' | Cindy Pallares | 2018-11-28 | 28 | -281/+538 |
* | | | | | | | | | | | | | | | | Merge branch 'security-guest-comments' into 'master' | Cindy Pallares | 2018-11-28 | 13 | -34/+187 |
* | | | | | | | | | | | | | | | | Merge branch 'security-pages-toctou-race' into 'master' | Cindy Pallares | 2018-11-28 | 2 | -1/+7 |
* | | | | | | | | | | | | | | | | Merge branch 'security-xss-in-markdown-following-unrecognized-html-element' i... | Cindy Pallares | 2018-11-28 | 5 | -2/+25 |