path: root/changelogs
Commit message | Author | Age | Files | Lines
Add support for using a Camo proxy server | Brett Walker | 2019-08-15 | 1 file | -0/+5
    User images and videos will get proxied through the Camo server in order to keep malicious sites from collecting the IP address of users.
Update CHANGELOG.md for 12.0.4 | GitLab Release Tools Bot | 2019-07-25 | 9 files | -45/+0
    [ci skip]
Merge branch 'security-fix-badges-leaked-to-unauthorized-users-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    Don't display badges when builds are restricted
    See merge request gitlab/gitlabhq!3185
Don't display badges when builds are restricted | Fabio Pitino | 2019-06-27 | 1 file | -0/+5
    Badges were leaked to unauthorized users even when the Public Builds project setting is disabled. Added a guard clause to the controller to check if the user can read the build.
Merge branch 'security-github-ssrf-redirect-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    Do not allow localhost url redirection in GitHub Integration
    See merge request gitlab/gitlabhq!3206
Do not allow localhost url redirection in GitHub Integration | manojmj | 2019-07-09 | 1 file | -0/+5
Merge branch 'security-dns-ssrf-bypass-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    Server Side Request Forgery mitigation bypass
    See merge request gitlab/gitlabhq!3213
Fix Server Side Request Forgery mitigation bypass | Francisco Javier López | 2019-07-04 | 1 file | -0/+5
    When we can't resolve the hostname or it is invalid, we shouldn't even perform the request. This fix also fixes the problem with the SSRF rebinding attack.

    We can't stub feature flags outside example blocks. Nevertheless, there are some actions that call the UrlBlocker that are performed outside example blocks, i.e. the `set` instruction. That's why we have to use some signaling mechanism outside the scope of the specs.
Merge branch 'security-mr-pipeline-permissions-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    MR pipeline permissions
    See merge request gitlab/gitlabhq!3216
Use MergeRequest#source_project as permissions reference for MergeRequest#all_pipelines | drew cimino | 2019-07-05 | 1 file | -0/+5
    MergeRequest#all_pipelines fetches Ci::Pipeline records from the source project, so we should specifically check that project for permissions. This was already happening for intra-project merge requests, but in the event that the target and source projects both have private builds, we should ensure that the project permissions are respected.
Merge branch 'security-60143-patch-additional-xss-issue-12.0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    Extract SanitizeNodeLink and apply to WikiLinkFilter
    See merge request gitlab/gitlabhq!3222
Extract SanitizeNodeLink and apply to WikiLinkFilter | Kerri Miller | 2019-07-08 | 1 file | -0/+5
    The SanitizationFilter was running before the WikiFilter. Since WikiFilter can modify links, we could see links that _should_ be stopped by SanitizationFilter being rendered on the page. I (kerrizor) had previously addressed the bug in: https://gitlab.com/gitlab-org/gitlab-ee/commit/7bc971915bbeadb950bb0e1f13510bf3038229a4 However, an additional exploit was discovered after that was merged. Working through the issue, we couldn't simply shuffle the order of filters, due to some implicit assumptions about the order of filters, so instead we've extracted the logic that sanitizes a Nokogiri-generated Node object, and applied it to the WikiLinkFilter as well.

    On moving filters around: Once we start moving around filters, we get cascading failures; fix one, another one crops up. Many of the existing filters in the WikiPipeline chain seem to assume that other filters have already done their work, and thus operate on a "transform anything that's left" basis; WikiFilter, for instance, assumes any link it finds in the markdown should be prepended with the wiki_base_path, but if it does that, it also turns `href="@user"` into `href="/path/to/wiki/@user"`, which the UserReferenceFilter doesn't see as a user reference it needs to transform into a user profile link. This is true for all the reference filters in the WikiPipeline.
Merge branch 'security-remove-take-trigger-ownership-feature-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    Drop feature to take ownership of a trigger token
    See merge request gitlab/gitlabhq!3227
Drop feature to take ownership of a trigger token | Fabio Pitino | 2019-07-17 | 1 file | -0/+5
    Removing API and frontend interactions that allowed users to take ownership of a trigger token. Removed mentions from the documentation.
Merge branch 'security-2873-restrict-slash-commands-to-users-who-can-log-in-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    Restrict slash commands to users who can log in
    See merge request gitlab/gitlabhq!3238
Restrict slash commands to users who can log in | Hordur Freyr Yngvason | 2019-07-12 | 1 file | -0/+5
Merge branch 'security-bvl-filter-mr-params-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-07-24 | 1 file | -0/+5
    Filter params in MR build service
    See merge request gitlab/gitlabhq!3254
Filter params in MR build service | Bob Van Landuyt | 2019-07-17 | 1 file | -0/+5
    Reusing the existing `IssuableBaseService#filter_params` which uses the policies to determine what params a user can set, and which values they can be set to. This also removed the need for the separate call to `IssuableBaseService#ensure_milestone_available`. The `Issues::BuildService` does not suffer from this because it limits the params that are assignable to the `title`, `description` and `milestone_id`.
Do not show moved issue ids for user not authorized | Felipe Artur | 2019-07-15 | 1 file | -0/+5
    Do not show moved issue id for users that cannot read issue
Update CHANGELOG.md for 12.0.3 | GitLab Release Tools Bot | 2019-06-27 | 10 files | -50/+0
    [ci skip]
Merge branch 'security-notes-in-private-snippets-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Ability to write a note in a private snippet
    See merge request gitlab/gitlabhq!3142
Correctly check permissions when creating snippet notes | Markus Koller | 2019-06-06 | 1 file | -0/+5
    In the Snippets::NotesController the noteable was resolved and authorized through the :snippet_id, so by passing a :target_id for a different snippet it was possible to create a note on a snippet where the user would be unauthorized to do so otherwise. This fixes the problem by ignoring the :target_id and :target_type from the request, and using the same noteable for creation and authorization.
Merge branch 'security-fp-prevent-billion-laughs-attack-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Prevent Billion Laughs attack
    See merge request gitlab/gitlabhq!3146
Prevent Billion Laughs attack | Fabio Pitino | 2019-06-07 | 1 file | -0/+5
    It keeps track of the memory being used when loading the YAML file as well as the depth of nesting. Track exception when YAML is too big.
Merge branch 'security-12-0-mr-head-pipeline-leak' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Fix MR head pipeline leak
    See merge request gitlab/gitlabhq!3154
Add CHANGELOG entry | Matija Čupić | 2019-06-12 | 1 file | -0/+5
Merge branch 'security-prevent-detection-of-merge-request-template-name-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Guests can know whether merge request template name exists or not
    See merge request gitlab/gitlabhq!3161
Authorize access before serving project template | Luke Duncalfe | 2019-06-17 | 1 file | -0/+5
    Previously, if a user was a guest member of a private project, they could access the merge request template as we were not checking permission-levels of the user. When an issue template is asked for, the user must have :read_issue for the project; or :read_merge_request when a merge request template is asked for.

    We also now rescue_from FileNotFoundError and handle it as 404. This is because RepoTemplateFinder can raise a FileNotFoundError exception, which Rails previously handled as a 500. We now handle these in a way that is consistent with ActiveRecord::RecordNotFound exceptions, within controllers that inherit from Projects::ApplicationController at least, and return a 404.

    https://gitlab.com/gitlab-org/gitlab-ce/issues/54943
Merge branch 'security-persist-tmp-snippet-uploads-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Persist tmp snippet uploads at users
    See merge request gitlab/gitlabhq!3162
Persist tmp snippet uploads | Oswaldo Ferreira | 2019-06-17 | 1 file | -0/+5
    It persists temporary personal snippets under user/:id namespaces temporarily while creating an upload record to track it. If a user gets removed while it's still a tmp upload, it also gets removed. If the tmp upload is sent, the upload gets moved to personal_snippets/:id as before. The upload record also gets updated to the new model type as well.
Merge branch 'security-59581-related-merge-requests-count-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Expose merge requests count based on user access
    See merge request gitlab/gitlabhq!3167
Expose merge requests count based on user access | Alexandru Croitor | 2019-06-18 | 1 file | -0/+5
    Count issues' related merge requests based on user access level. An issue can have related MRs from projects where the user does not have access, so the number of related merge requests should be adjusted based on the user's ability to access the related MRs.

    https://gitlab.com/gitlab-org/gitlab-ce/issues/59581
Merge branch 'security-DOS_issue_comments_banzai-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Fix DOS when rendering issue/MR comments
    See merge request gitlab/gitlabhq!3171
Fix DOS when rendering issue/MR comments | Mario de la Ossa | 2019-06-18 | 1 file | -0/+5
Merge branch 'security-bvl-enforce-graphql-type-authorization-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Fix type authorizations in GraphQL
    See merge request gitlab/gitlabhq!3172
Fix failing authorizations in GraphQL | Bob Van Landuyt | 2019-06-20 | 1 file | -0/+5
    0. Add authorize to LabelType and NamespaceType.
    1. Make sure that authorizations on non-nullable fields are also executed.
Merge branch 'security-2858-fix-color-validation-12-0' into '12-0-stable' | GitLab Release Tools Bot | 2019-06-26 | 1 file | -0/+5
    Fix color validation regex causing DoS
    See merge request gitlab/gitlabhq!3176
Fix color validation regex | Heinrich Lee Yu | 2019-06-25 | 1 file | -0/+5
    Also prevents ReDoS vulnerability
Disable Rails SQL query cache when applying service templates | Stan Hu | 2019-06-25 | 1 file | -0/+5
    When the SQL query cache is active, the SELECT query for finding projects to apply service templates returns the same values. This causes an infinite loop because even though bulk INSERT queries are made, the cached results never reflect that progress. To fix this, we call `Project.uncached` around the query to ensure new data is retrieved.

    Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/63595
Update CHANGELOG.md for 12.0.2 | GitLab Release Tools Bot | 2019-06-25 | 8 files | -40/+0
    [ci skip]
Merge branch 'sh-quiet-backup-secrets-log' into 'master' (12-0-stable-patch-2) | Rémy Coutable | 2019-06-25 | 1 file | -0/+5
    Silence backup warnings when CRON=1 in use
    Closes #63703
    See merge request gitlab-org/gitlab-ce!30033
    (cherry picked from commit d6c7d4c48db51fdc3eb479e53d40ce4358695218)
    ad3abd1d Silence backup warnings when CRON=1 in use
Merge branch 'sh-recover-ee-schema-backport-migration-failure' into 'master' | Rémy Coutable | 2019-06-25 | 1 file | -0/+5
    Prevent EE backport migrations from running if CE is not migrated
    Closes #63612
    See merge request gitlab-org/gitlab-ce!30002
    (cherry picked from commit 34df0b303eed0cee83d8c0ec6178d3c575a0b555)
    1b063778 Prevent EE backport migrations from running if CE is not migrated
Merge branch '63513-ensure-gitlab-jsoncache-includes-the-gitlab-version-in-the-cache-key' into 'master' | Stan Hu | 2019-06-25 | 1 file | -0/+5
    Include the GitLab version in the cache key for Gitlab::JsonCache
    See merge request gitlab-org/gitlab-ce!29938
    (cherry picked from commit c6f54ab12b5b276dadda0639ea647e9a2b4c1781)
    94d9e335 Include the GitLab version in the cache key for Gitlab::JsonCache
    1b7e7dde Add CHANGELOG entry
Merge branch 'sh-omit-issues-links-on-poll' into 'master' | Mayra Cabrera | 2019-06-25 | 1 file | -0/+5
    Omit issues links in merge request entity API response
    Closes #63546
    See merge request gitlab-org/gitlab-ce!29917
    (cherry picked from commit f47e4d025247509ab73e16c3db248b0f9ccb662c)
    1b7ab11f Omit issues links in merge request entity API response
Merge branch 'fix-notes-emails-with-group-settings' into 'master' | Douwe Maan | 2019-06-25 | 1 file | -0/+5
    Fix notes email with group-level notification email
    Closes #63355
    See merge request gitlab-org/gitlab-ce!29889
    (cherry picked from commit 480eb370a477c3a230cec1ff43a71066ab5be6f9)
    bf73ecd7 Fix notes email with group-level notification email
    8eb2d7bb Apply suggestion to spec/support/helpers/email_helpers.rb
Merge branch 'fix-labels-in-hooks' into 'master' | Ash McKenzie | 2019-06-25 | 1 file | -0/+5
    Fix label serialisation in issue and note hooks
    Closes #63473
    See merge request gitlab-org/gitlab-ce!29850
    (cherry picked from commit 88c8d177f835983a0a47796529906c69376d159d)
    da470249 Fix label serialisation in issue and note hooks
    4189ffe2 Added labels_hook_attrs method
Merge branch 'bug/63162-duplicate_path_in_links' into 'master' | Sean McGivern | 2019-06-25 | 1 file | -0/+5
    Do not rewrite relative links for system notes
    Closes #63162
    See merge request gitlab-org/gitlab-ce!29825
    (cherry picked from commit 51df2ca5c5a1b18155b7bba9bdc26c165533428b)
    35a39c1d Do not rewrite relative links for system notes
Merge branch 'fix-microsoft-teams-notification-flags' into 'master' | Stan Hu | 2019-06-25 | 1 file | -0/+5
    Fix missing API notification flags for Microsoft Teams
    See merge request gitlab-org/gitlab-ce!29824
    (cherry picked from commit 51267258d1c39835c995eaaf29b7df678334ded1)
    d5d2f8fb 59702 Fix API notification flags for MS Teams
    f7658c0f 59702 Add changelog entry
    1ce2c4dc Add missing test for Microsoft Teams notify_only_default_branch flag
Update CHANGELOG.md for 12.0.0 | GitLab Release Tools Bot | 2019-06-22 | 286 files | -1433/+0
    [ci skip]
Merge branch '63417-add-missing-class' into 'master' | Kamil Trzciński | 2019-06-19 | 1 file | -0/+5
    Adds missing class in collapsible sections
    Closes #63417
    See merge request gitlab-org/gitlab-ce!29804
    (cherry picked from commit 22755a4aa2d2884629ef9050227ef461574d9d94)
    d3a1468b Adds missing class