delta/gitlab/gitlab-ce.git - gitlab.com: gitlab-org/gitlab-ce.git

	Commit message (Collapse)	Author	Age	Files	Lines
*	Update VERSION to 11.2.7v11.2.7	GitLab Release Tools Bot	2018-10-27	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.7	GitLab Release Tools Bot	2018-10-27	1	-0/+4
\| \| \|	[ci skip]
*	Merge branch 'fix_pat_auth-11-2' into 'security-11-2'	Robert Speicher	2018-10-26	3	-3/+3
\| \| \| \| \|	[11.2] Fix Token lookup for Git over HTTP and registry authentication See merge request gitlab/gitlabhq!2579
*	Update VERSION to 11.2.6v11.2.6	GitLab Release Tools Bot	2018-10-26	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.6	GitLab Release Tools Bot	2018-10-26	6	-25/+11
\| \| \|	[ci skip]
*	Merge branch 'security-11-2-2717-fix-issue-title-xss' into 'security-11-2'	Jan Provaznik	2018-10-24	3	-4/+25
\| \| \| \| \|	[11.2] Escape issue title while template rendering to prevent XSS See merge request gitlab/gitlabhq!2558
*	Merge branch 'security-redact-links-11-2' into 'security-11-2'	Jan Provaznik	2018-10-24	11	-1/+382
\| \| \| \| \|	[11.2] Redact unsubscribe links in issuable texts See merge request gitlab/gitlabhq!2567
*	Merge branch 'security-fix/control-headers-11-2' into 'security-11-2'	Jan Provaznik	2018-10-24	4	-7/+65
\| \| \| \| \|	: [11.2] Resolve "Sensitive information is stored in browser history" See merge request gitlab/gitlabhq!2560
*	Merge branch 'security-11-2-junit-test-report-exposes-stacktrace' into ↵	Jan Provaznik	2018-10-24	1	-4/+4
\| \| \| \| \| \| \|	'security-11-2' [11.2] JUnit test reports endpoint exposes full stack trace in production mode See merge request gitlab/gitlabhq!2554
*	Merge branch 'security-if-51113-hash_tokens-11-2' into 'security-11-2'	Jan Provaznik	2018-10-24	20	-69/+701
\| \| \| \| \|	[11.2] Persist only SHA digest of PersonalAccessToken#token See merge request gitlab/gitlabhq!2553
*	Merge branch 'security-11-2-51527-xss-in-mr-source-branch' into 'security-11-2'	Thiago Presa	2018-10-24	3	-9/+17
\| \| \| \| \|	[11.2] Fix XSS in MR source branch name See merge request gitlab/gitlabhq!2546
*	Merge branch 'sh-block-other-localhost-11-2' into 'security-11-2'	Thiago Presa	2018-10-24	3	-0/+37
\| \| \| \| \|	[11.2] Prevent SSRF attacks in HipChat integration See merge request gitlab/gitlabhq!2549
*	Update VERSION to 11.2.5v11.2.5	GitLab Release Tools Bot	2018-10-05	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.5	GitLab Release Tools Bot	2018-10-05	4	-15/+9
\| \| \|	[ci skip]
*	Merge branch 'security-bw-confidential-titles-through-markdown-api-11-2' ↵	Bob Van Landuyt	2018-10-04	5	-5/+62
\| \| \| \| \| \| \|	into 'security-11-2' [11.2] Confidential issue/private snippet titles can be read by unauthenticated user through GFM markdown API See merge request gitlab/gitlabhq!2534
*	Merge branch 'security-fix-leaking-private-project-namespace-11-2' into ↵	Bob Van Landuyt	2018-10-04	6	-33/+80
\| \| \| \| \| \| \|	'security-11-2' [11-2] Fix leaking private project namespace See merge request gitlab/gitlabhq!2541
*	Merge branch 'security-osw-user-info-leak-discussions-11-2' into 'security-11-2'	Bob Van Landuyt	2018-10-04	4	-1/+39
\| \| \| \| \|	[11.2] Filter user sensitive data from discussions JSON See merge request gitlab/gitlabhq!2538
*	Update VERSION to 11.2.4v11.2.4	GitLab Release Tools Bot	2018-09-26	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.4	GitLab Release Tools Bot	2018-09-26	7	-30/+12
\| \| \|	[ci skip]
*	Merge branch 'security-fj-stored-xss-in-repository-imports-11-2' into ↵	Bob Van Landuyt	2018-09-25	3	-1/+34
\| \| \| \| \| \| \|	'security-11-2' [11.2] Stored XSS in Gitlab Merge Request from imported repository See merge request gitlab/gitlabhq!2501
*	Merge branch 'security-package-json-xss-11-2' into 'security-11-2'	Bob Van Landuyt	2018-09-25	3	-5/+24
\| \| \| \| \|	[11.2] Fix XSS vulnerability sourced from package.json's homepage See merge request gitlab/gitlabhq!2509
*	Merge branch 'fix-events-finder-incomplete-11-2' into 'security-11-2'	Bob Van Landuyt	2018-09-24	7	-6/+235
\| \| \| \| \|	[11.2] Redact events shown in the events API See merge request gitlab/gitlabhq!2519
*	Merge branch 'zj-gitaly-sec-11-2' into 'security-11-2'	Bob Van Landuyt	2018-09-24	1	-1/+1
\| \| \| \| \|	Include the Gitaly security release upstream See merge request gitlab/gitlabhq!2513
*	Merge branch 'sh-sh-block-other-localhost-11-2' into 'security-11-2'	Bob Van Landuyt	2018-09-24	3	-1/+33
\| \| \| \| \|	Block loopback addresses in UrlBlocker (11.2 port) See merge request gitlab/gitlabhq!2522
*	Merge branch ↵	Bob Van Landuyt	2018-09-24	20	-44/+159
\| \| \| \| \| \| \|	'security-11-2-6881-project-group-approvers-leaks-private-group-info-ce' into 'security-11-2' [11.2] Project group approvers leaks private group info See merge request gitlab/gitlabhq!2489
*	Merge branch 'security-11-2-gcp-token-exposed-by-kubernetes' into ↵	Bob Van Landuyt	2018-09-24	4	-9/+9
\| \| \| \| \| \| \|	'security-11-2' [11.2] - Do not persist errors from Kubernetes calls See merge request gitlab/gitlabhq!2504
*	Merge branch 'security-acet-issue-details-11-2' into 'security-11-2'	Bob Van Landuyt	2018-09-24	5	-4/+47
\| \| \| \| \|	[11.2] Fix XSS on Issue details page. See merge request gitlab/gitlabhq!2471
*	Merge branch 'security-security-2697-code-highlight-timeout-11-2' into ↵	Bob Van Landuyt	2018-09-24	3	-1/+35
\| \| \| \| \| \| \|	'security-11-2' [11.2] Fix syntax highlight taking too long See merge request gitlab/gitlabhq!2484
*	Update VERSION to 11.2.3v11.2.3	GitLab Release Tools Bot	2018-08-28	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.3	GitLab Release Tools Bot	2018-08-28	1	-0/+4
\| \| \|	[ci skip]
*	Merge branch 'security-diff-cache-fix-11-2' into 'security-11-2'	José Iván Vargas López	2018-08-28	3	-7/+16
\| \| \| \| \|	[11.2] Include rich_text in diff cache keys See merge request gitlab/gitlabhq!2483
*	Update VERSION to 11.2.2v11.2.2	GitLab Release Tools Bot	2018-08-27	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.2	GitLab Release Tools Bot	2018-08-27	4	-15/+9
\| \| \|	[ci skip]
*	Merge branch 'security-mk-exclude-orphaned-upload-files-from-export-11-2' ↵	José Iván Vargas López	2018-08-24	2	-8/+43
\| \| \| \| \| \| \|	into 'security-11-2' [11.2] Resolve "Orphaned upload files are accessible via project exports" See merge request gitlab/gitlabhq!2464
*	Merge branch 'security-fj-missing-csrf-system-hooks-resend-11-2' into ↵	José Iván Vargas López	2018-08-24	7	-10/+14
\| \| \| \| \| \| \|	'security-11-2' [11.2] Missing CSRF in System Hooks resend action See merge request gitlab/gitlabhq!2476
*	Merge branch 'security-2694-pipeline-11-2' into 'security-11-2'	José Iván Vargas López	2018-08-24	18	-59/+27
\| \| \| \| \|	[11.2] Removes <br> sent from backend on tooltips in jobs See merge request gitlab/gitlabhq!2458
*	Merge branch 'security-49085-11.2-persistent-xss-rendering' into 'security-11-2'	José Iván Vargas López	2018-08-24	8	-11/+79
\| \| \| \| \|	[11.2] Port of Fixed persistent XSS rendering/escaping of diff location lines to 11.2 See merge request gitlab/gitlabhq!2473
*	Merge branch 'sh-block-link-local-master-11-2-port' into 'security-11-2'	Nick Thomas	2018-08-24	3	-1/+37
\| \| \| \| \|	Block link-local addresses in URLBlocker (11.2 port) See merge request gitlab/gitlabhq!2460
*	Update VERSION to 11.2.1v11.2.1	GitLab Release Tools Bot	2018-08-22	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.1	GitLab Release Tools Bot	2018-08-22	4	-15/+12
\| \| \|	[ci skip]
*	Merge branch 'sh-fix-broken-ldap-clones' into 'master'11-2-stable-patch-1	Alejandro Rodríguez	2018-08-22	3	-0/+48
\| \| \| \| \| \| \|	Fix broken Git over HTTP clones with LDAP users Closes #50579 See merge request gitlab-org/gitlab-ce!21352
*	Merge branch 'sh-conditional-system-hook-push' into 'master'	Sean McGivern	2018-08-22	2	-1/+5
\| \| \| \| \| \| \| \|	Eliminate unnecessary and duplicate system hook fires Closes #50549 See merge request gitlab-org/gitlab-ce!21337
*	Merge branch 'sh-fix-wrong-commit-count-in-push' into 'master'	Alejandro Rodríguez	2018-08-22	3	-16/+53
\| \| \| \| \| \| \| \|	Fix wrong commit count in push event payload Closes #49971 See merge request gitlab-org/gitlab-ce!21338
*	Update VERSION to 11.2.0v11.2.0	GitLab Release Tools Bot	2018-08-22	1	-1/+1
\|
*	Update CHANGELOG.md for 11.2.0	GitLab Release Tools Bot	2018-08-22	217	-1086/+240
\| \| \|	[ci skip]
*	Update VERSION to 11.2.0-rc10v11.2.0-rc10	GitLab Release Tools Bot	2018-08-20	1	-1/+1
\|
*	Merge branch ↵11-2-stable-prepare-rc10	Sean McGivern	2018-08-20	8	-9/+19
\| \| \| \| \| \| \| \| \|	'49907-commits-and-merge-requests-does-not-list-all-files-when-one-file-exceeds-size-limits' into 'master' Resolve "Commits and Merge Requests does not list all files when one file exceeds size limits" Closes #49907 See merge request gitlab-org/gitlab-ce!21125
*	Merge branch 'master' into 'master'	Stan Hu	2018-08-20	1	-2/+2
\| \| \| \| \|	Added missing html_safe on text messages. See merge request gitlab-org/gitlab-ce!21232
*	Update VERSION to 11.2.0-rc9v11.2.0-rc9	GitLab Release Tools Bot	2018-08-17	1	-1/+1
\|
*	Merge branch 'sh-bump-rugged-0.27.4' into 'master'11-2-stable-prepare-rc9	Robert Speicher	2018-08-17	2	-1/+6
\| \| \| \| \|	Bump rugged to 0.27.4 for security fixes See merge request gitlab-org/gitlab-ce!21170