Commit message (Expand) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Merge branch 'security-personal-snippets' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 12 | -10/+77 |
|\ | |||||
| * | Add direct upload support for personal snippets | Jan Provaznik | 2019-08-23 | 12 | -10/+77 |
* | | Merge branch 'security-fix-html-injection-for-label-description-ce-master' in... | GitLab Release Tools Bot | 2019-08-29 | 5 | -3/+29 |
|\ \ | |||||
| * | | Fix HTML injection for label description | Patrick Derichs | 2019-08-05 | 5 | -3/+29 |
* | | | Merge branch 'security-fix_jira_ssrf_vulnerability' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 4 | -1/+82 |
|\ \ \ | |||||
| * | | | Fix DNS rebind vulnerability for JIRA integration | Felipe Artur | 2019-08-08 | 4 | -1/+82 |
* | | | | Merge branch 'security-61974-limit-issue-comment-size' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 14 | -19/+78 |
|\ \ \ \ | |||||
| * | | | | Limit the size of issuable description and comments | Alexandru Croitor | 2019-08-22 | 14 | -19/+78 |
* | | | | | Merge branch 'security-59549-add-capcha-for-failed-logins' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 20 | -32/+307 |
|\ \ \ \ \ | |||||
| * | | | | | Add captcha if there are multiple failed login attempts | MaĆgorzata Ksionek | 2019-07-31 | 20 | -32/+307 |
* | | | | | | Merge branch 'security-mr-head-pipeline-leak' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 3 | -5/+39 |
|\ \ \ \ \ \ | |||||
| * | | | | | | Permission fix for MergeRequestsController#pipeline_status | drew cimino | 2019-08-12 | 3 | -5/+39 |
* | | | | | | | Merge branch 'security-katex-dos-master' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 4 | -23/+143 |
|\ \ \ \ \ \ \ | |||||
| * | | | | | | | Enforce max chars and max render time in markdown math | Martin Hanzel | 2019-08-06 | 4 | -23/+143 |
| | |_|_|/ / / | |/| | | | | | |||||
* | | | | | | | Merge branch 'security-project-import-bypass' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 5 | -26/+244 |
|\ \ \ \ \ \ \ | |||||
| * | | | | | | | Fix project import restricted visibility bypass | George Koltsov | 2019-08-15 | 5 | -26/+244 |
| |/ / / / / / | |||||
* | | | | | | | Merge branch 'security-hide_merge_request_ids_on_emails' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 5 | -18/+89 |
|\ \ \ \ \ \ \ | |||||
| * | | | | | | | Prevent disclosure of merge request id via email | Felipe Artur | 2019-08-19 | 5 | -18/+89 |
| |/ / / / / / | |||||
* | | | | | | | Merge branch 'security-id-filter-timeline-activities-for-guests' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 2 | -1/+6 |
|\ \ \ \ \ \ \ | |||||
| * | | | | | | | Add merge note type as cross reference | Igor Drozdov | 2019-08-13 | 2 | -1/+6 |
* | | | | | | | | Merge branch 'security-group-runners-permissions' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 3 | -43/+173 |
|\ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | admin_group authorization for Groups::RunnersController | drew cimino | 2019-08-22 | 3 | -43/+173 |
* | | | | | | | | | Merge branch 'security-ci-metrics-permissions' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 3 | -8/+64 |
|\ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | Restrict MergeRequests#test_reports to authenticated users with read-access o... | drew cimino | 2019-08-22 | 3 | -8/+64 |
* | | | | | | | | | | Merge branch 'security-sarcila-fix-weak-session-management' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 4 | -0/+71 |
|\ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | Add User#will_save_change_to_login? to clear reset_password_tokens | Sebastian Arcila Valenzuela | 2019-08-21 | 4 | -0/+71 |
* | | | | | | | | | | | Merge branch 'security-add-job-activity-limit-ce' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 5 | -2/+43 |
|\ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | Add active_jobs_limit to plans table | Fabio Pitino | 2019-08-21 | 5 | -2/+43 |
* | | | | | | | | | | | | Merge branch 'security-fix-markdown-xss' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 8 | -13/+76 |
|\ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | Re-escape whole HTML content instead of only match | Jan Provaznik | 2019-08-23 | 8 | -13/+76 |
* | | | | | | | | | | | | | Merge branch 'security-exposed-default-branch' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 4 | -2/+97 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | Avoid exposing unaccessible repo data upon GFM processing | Oswaldo Ferreira | 2019-08-21 | 4 | -2/+97 |
* | | | | | | | | | | | | | | Merge branch 'security-ssrf-kubernetes-dns-12-3' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 5 | -18/+269 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | Column was renamed in 12.2 | Thong Kuah | 2019-08-21 | 2 | -2/+2 |
| * | | | | | | | | | | | | | | Override hostname when connecting via Kubeclient | Thong Kuah | 2019-08-21 | 5 | -18/+269 |
| | |_|_|_|/ / / / / / / / / | |/| | | | | | | | | | | | | |||||
* | | | | | | | | | | | | | | Merge branch 'security-64711-fix-commit-todos' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 3 | -20/+112 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | Send TODOs for comments on commits correctly | Nick Thomas | 2019-08-23 | 3 | -20/+112 |
* | | | | | | | | | | | | | | | Merge branch 'security-gitaly-1.61.0' into 'master' | GitLab Release Tools Bot | 2019-08-29 | 2 | -1/+6 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | | Use Gitaly 1.61.0 | Jacob Vosmaer | 2019-08-26 | 2 | -1/+6 |
* | | | | | | | | | | | | | | | | Update CHANGELOG.md for 12.2.3 | GitLab Release Tools Bot | 2019-08-28 | 1 | -0/+28 |
* | | | | | | | | | | | | | | | | Update CHANGELOG.md for 12.2.2 | GitLab Release Tools Bot | 2019-08-27 | 1 | -0/+28 |
* | | | | | | | | | | | | | | | | Update CHANGELOG.md for 12.0.7 | GitLab Release Tools Bot | 2019-08-27 | 1 | -0/+28 |
|/ / / / / / / / / / / / / / / | |||||
* | | | | | | | | | | | | | | | Merge branch 'renovate/gitlab-packages' into 'master' | Kushal Pandya | 2019-08-26 | 2 | -5/+5 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | | Update dependency @gitlab/svgs to ^1.70.0 | Lukas Eipert | 2019-08-23 | 2 | -5/+5 |
* | | | | | | | | | | | | | | | | Merge branch 'sh-upgrade-ruby-prof' into 'master' | Ash McKenzie | 2019-08-26 | 2 | -3/+3 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | | | Bump ruby-prof to 1.0.0sh-upgrade-ruby-prof | Stan Hu | 2019-08-24 | 2 | -3/+3 |
* | | | | | | | | | | | | | | | | | Merge branch 'add-unleash-gem' into 'master' | Thong Kuah | 2019-08-26 | 2 | -0/+5 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | | | | Install Unleash Client Gem | Jason Goodman | 2019-08-26 | 2 | -0/+5 |
|/ / / / / / / / / / / / / / / / / | |||||
* | | | | | | | | | | | | | | | | | Merge branch 'ee-10586-geo-object-storage-replication' into 'master' | Ash McKenzie | 2019-08-26 | 1 | -0/+4 |
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |||||
| * | | | | | | | | | | | | | | | | | Backport expired job artifact traitee-10586-geo-object-storage-replication | Gabriel Mazetto | 2019-08-24 | 1 | -0/+4 |
| |/ / / / / / / / / / / / / / / / |