summaryrefslogtreecommitdiff
Commit message (Expand)AuthorAgeFilesLines
* Update VERSION to 12.1.7v12.1.7GitLab Release Tools Bot2019-08-271-1/+1
* Update CHANGELOG.md for 12.1.7GitLab Release Tools Bot2019-08-2722-105/+27
* Merge branch 'security-exposed-default-branch-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-264-2/+97
|\
| * Avoid exposing unaccessible repo data upon GFM processingOswaldo Ferreira2019-08-264-2/+97
|/
* Merge branch 'security-hide_merge_request_ids_on_emails-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-265-18/+89
|\
| * Prevent disclosure of merge request id via emailFelipe Artur2019-08-215-18/+89
* | Merge branch 'security-64711-fix-commit-todos-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-263-20/+112
|\ \
| * | Send TODOs for comments on commits correctlyNick Thomas2019-08-233-20/+112
| |/
* | Merge branch 'security-59549-add-capcha-for-failed-logins-12-1' into '12-1-st...GitLab Release Tools Bot2019-08-2620-31/+307
|\ \
| * | Add captcha if there are multiple failed login attemptsMaƂgorzata Ksionek2019-08-2620-31/+307
|/ /
* | Merge branch 'security-12-1-enable-image-proxy' into '12-1-stable'GitLab Release Tools Bot2019-08-2633-25/+603
|\ \
| * | Add support for using a Camo proxy serverBrett Walker2019-08-1533-25/+603
* | | Merge branch 'security-61974-limit-issue-comment-size-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-2614-19/+103
|\ \ \
| * | | Limit the size of issuable description and commentsAlexandru Croitor2019-08-2214-19/+103
| | |/ | |/|
* | | Merge branch 'security-mr-head-pipeline-leak-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-263-5/+39
|\ \ \
| * | | Permission fix for MergeRequestsController#pipeline_statusdrew cimino2019-08-123-5/+39
* | | | Merge branch 'security-katex-dos-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-264-23/+143
|\ \ \ \
| * | | | Enforce max chars and max render time in markdown mathMartin Hanzel2019-08-064-23/+143
* | | | | Merge branch 'security-ssrf-kubernetes-dns-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-265-18/+269
|\ \ \ \ \
| * | | | | Override hostname when connecting via KubeclientThong Kuah2019-08-045-18/+269
| | |_|_|/ | |/| | |
* | | | | Merge branch 'security-fix-html-injection-for-label-description-ce-12-1' into...GitLab Release Tools Bot2019-08-265-3/+29
|\ \ \ \ \
| * | | | | Fix HTML injection for label descriptionPatrick Derichs2019-08-055-3/+29
| |/ / / /
* | | | | Merge branch 'security-2853-prevent-comments-on-private-mrs-12-1' into '12-1-...GitLab Release Tools Bot2019-08-266-75/+371
|\ \ \ \ \
| * | | | | Prevent unauthorised comments on merge requestsAlex Kalderimis2019-08-076-75/+371
| | |/ / / | |/| | |
* | | | | Merge branch 'security-epic-notes-api-reveals-historical-info-ce-12-1' into '...GitLab Release Tools Bot2019-08-267-8/+21
|\ \ \ \ \
| * | | | | Filter out old system notes for epicsPatrick Derichs2019-08-097-8/+21
| |/ / / /
* | | | | Merge branch 'security-fix_jira_ssrf_vulnerability-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-264-1/+82
|\ \ \ \ \
| * | | | | Fix DNS rebind vulnerability for JIRA integrationFelipe Artur2019-08-084-1/+82
| |/ / / /
* | | | | Merge branch 'security-id-filter-timeline-activities-for-guests-12-1' into '1...GitLab Release Tools Bot2019-08-262-1/+6
|\ \ \ \ \
| * | | | | Add merge note type as cross referenceIgor Drozdov2019-08-142-1/+6
* | | | | | Merge branch 'security-project-import-bypass-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-265-26/+244
|\ \ \ \ \ \
| * | | | | | Fix project import restricted visibility bypassGeorge Koltsov2019-08-155-26/+244
| | |_|_|/ / | |/| | | |
* | | | | | Merge branch 'security-bvl-bump-gitaly-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-261-1/+1
|\ \ \ \ \ \
| * | | | | | Bump Gitaly version to 1.53.3Bob Van Landuyt2019-08-161-1/+1
| | |_|_|_|/ | |/| | | |
* | | | | | Merge branch 'security-add-job-activity-limit-ce-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-265-2/+43
|\ \ \ \ \ \
| * | | | | | Add active_jobs_limit to plans tableFabio Pitino2019-08-205-2/+43
| |/ / / / /
* | | | | | Merge branch 'security-sarcila-fix-weak-session-management-12-1' into '12-1-s...GitLab Release Tools Bot2019-08-264-0/+71
|\ \ \ \ \ \
| * | | | | | Add User#will_save_change_to_login? to clear reset_password_tokensSebastian Arcila Valenzuela2019-08-214-0/+71
| |/ / / / /
* | | | | | Merge branch 'security-ci-metrics-permissions-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-263-8/+64
|\ \ \ \ \ \
| * | | | | | Restrict MergeRequests#test_reports to authenticated users with read-access o...drew cimino2019-08-223-8/+64
| |/ / / / /
* | | | | | Merge branch 'security-personal-snippets-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-2612-10/+77
|\ \ \ \ \ \
| * | | | | | Add direct upload support for personal snippetsJan Provaznik2019-08-2312-10/+77
| |/ / / / /
* | | | | | Merge branch 'security-group-runners-permissions-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-263-43/+173
|\ \ \ \ \ \
| * | | | | | admin_group authorization for Groups::RunnersControllerdrew cimino2019-08-223-43/+173
| |/ / / / /
* | | | | | Merge branch 'security-fix-markdown-xss-12-1' into '12-1-stable'GitLab Release Tools Bot2019-08-268-13/+76
|\ \ \ \ \ \ | |/ / / / / |/| | | | |
| * | | | | Re-escape whole HTML content instead of only matchJan Provaznik2019-08-238-13/+76
|/ / / / /
* | | | | Merge branch 'jts/update-changelog' into '12-1-stable'Marin Jankovski2019-08-161-4/+3
|\ \ \ \ \ | |/ / / / |/| | | |
| * | | | Updates changlog to reflect appropriate version releaseJohn T Skarbek2019-08-121-4/+3
|/ / / /
* | | | Update VERSION to 12.1.6v12.1.6GitLab Release Tools Bot2019-08-121-1/+1
* | | | Update CHANGELOG.md for 12.1.6GitLab Release Tools Bot2019-08-121-0/+4
|/ / /
View Lorry Controller Status