Commits · v15.11.11-ee · gitlab-cn / Gitlab Backup

Jul 04, 2023

Update VERSION files · 2d5ff8e7
GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
v15.11.11-ee

2d5ff8e7
Update changelog for 15.11.11 · d68346de
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
d68346de
Update managed components version to 15.11.11 · 7bc33dee
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
7bc33dee

Merge branch 'security-416797-fix-auth-issue-15-11' into '15-11-stable-ee' · df9bbefd

Mayra Cabrera authored 2 years ago

Add authorization to the subscriptions group controller

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3381



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Doug Stull <dstull@gitlab.com>
Approved-by: Thong Kuah <tkuah@gitlab.com>
Co-authored-by: Doug Stull <dstull@gitlab.com>

df9bbefd

Add authorization to the subscriptions group controller · a6cb78e5

Ryan Cobb authored 2 years ago

Merge branch 'security-416797-fix-auth-issue-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3381

Changelog: security

a6cb78e5

Jun 29, 2023
- Merge remote-tracking branch 'dev/15-11-stable-ee' into 15-11-stable-ee · 7cbbc135
  GitLab Release Tools Bot authored 2 years ago
  
  7cbbc135
Jun 28, 2023

Update VERSION files · 6d037533
GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
v15.11.10-ee

6d037533
Update changelog for 15.11.10 · 9d6ee3d5
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
9d6ee3d5
Update managed components version to 15.11.10 · ce3b0c33
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
ce3b0c33

Merge branch 'revert-' into '15-11-stable-ee' · 0e95bbfe

John Skarbek authored 2 years ago

Revert 'security-leaked-ci-job-token-permission-15-11' from '15-11'"

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3375



Merged-by: John Skarbek <jskarbek@gitlab.com>
Approved-by: Dominic Couture <dcouture@gitlab.com>
Approved-by: A Browne <abrowne@gitlab.com>
Co-authored-by: Max Fan <mfan@gitlab.com>

0e95bbfe

Revert 'security-leaked-ci-job-token-permission-15-11' from '15-11'" · 19f73bf5

Max Fan authored 2 years ago

Merge branch 'revert-822d17d7' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3375

Changelog: security

19f73bf5

Merge branch 'security-410123-bypass-code-owner-approvals-15-11' into '15-11-stable-ee' · c4e51b82

GitLab Release Tools Bot authored 2 years ago

Use fully qualified ref when loading code owner file

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3354

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: Joe Woodward <jwoodward@gitlab.com>

c4e51b82

Use fully qualified ref when loading code owner file · d7ffb4cc

Joe Woodward authored 2 years ago

Merge branch 'security-410123-bypass-code-owner-approvals-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3354

Changelog: security

d7ffb4cc

Merge branch 'security-410433-confidential-issue-15-11' into '15-11-stable-ee' · fcb38b0c

GitLab Release Tools Bot authored 2 years ago

Maintainer can leak masked webhook secrets by manipulating URL masking

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3361

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Luke Duncalfe <lduncalfe@gitlab.com>
Co-authored-by: bmarjanovic <bmarjanovic@gitlab.com>

fcb38b0c

Maintainer can leak masked webhook secrets by manipulating URL masking · 3a7ccdac

Bojan Marjanovic authored 2 years ago

Merge branch 'security-410433-confidential-issue-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3361

Changelog: security

3a7ccdac

Merge branch 'security-fix-907-15-11' into '15-11-stable-ee' · 576cfc00

GitLab Release Tools Bot authored 2 years ago

Remove approvals when the only commit gets amended

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3368



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Patrick Bajao <ebajao@gitlab.com>
Co-authored-by: David Kim <dkim@gitlab.com>

576cfc00

Remove approvals when the only commit gets amended · f8a4ad8b

Sincheol (David) Kim authored 2 years ago

Merge branch 'security-fix-907-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3368

Changelog: security

f8a4ad8b

Merge branch 'security-408137-15-11' into '15-11-stable-ee' · 63c42b40

GitLab Release Tools Bot authored 2 years ago

Fix for fork permissions check in compare controller

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3344

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: Robert May <rmay@gitlab.com>

63c42b40

Fix for fork permissions check in compare controller · 8edf44b1

Robert May authored 2 years ago

Merge branch 'security-408137-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3344

Changelog: security

8edf44b1

Merge branch 'security-409034-confidential-issue-15-11' into '15-11-stable-ee' · 8dbf520f

GitLab Release Tools Bot authored 2 years ago

Webhook token leaked in Sidekiq logs if log format is 'default'

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3347

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Roy Zwambag <rzwambag@gitlab.com>
Co-authored-by: bmarjanovic <bmarjanovic@gitlab.com>

8dbf520f

Webhook token leaked in Sidekiq logs if log format is 'default' · 02b58237

Bojan Marjanovic authored 2 years ago

Merge branch 'security-409034-confidential-issue-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3347

Changelog: security

02b58237

Merge branch 'security-untrusted-epic-reference-15-11' into '15-11-stable-ee' · a16e69a8

GitLab Release Tools Bot authored 2 years ago

Mitigate epic reference filter ReDOS

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3339



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vitali Tatarintev <vtatarintev@gitlab.com>
Co-authored-by: Brett Walker <bwalker@gitlab.com>

a16e69a8

Mitigate epic reference filter ReDOS · 4c2cd6e5

Brett Walker authored 2 years ago

Merge branch 'security-untrusted-epic-reference-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3339

Changelog: security

4c2cd6e5

Merge branch 'security-leaked-ci-job-token-permission-15-11' into '15-11-stable-ee' · 822d17d7

GitLab Release Tools Bot authored 2 years ago

Increasing security for CI_JOB_TOKEN on public and internal projects

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3319

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: A Browne <abrowne@gitlab.com>
Co-authored-by: Max Fan <mfan@gitlab.com>

822d17d7

Increasing security for CI_JOB_TOKEN on public and internal projects · 4f8a00b2

Max Fan authored 2 years ago

Merge branch 'security-leaked-ci-job-token-permission-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3319

Changelog: security

4f8a00b2

Merge branch... · c6f363f4

GitLab Release Tools Bot authored 2 years ago

Merge branch 'security-dblessing_fix_html_injection_admin_unconfirmed_user-15-11' into '15-11-stable-ee'

Sanitize user email addresses in admin confirm user dialog

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3332

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Kassio Borges <kborges@gitlab.com>
Co-authored-by: Drew Blessing <drew@gitlab.com>

c6f363f4

Sanitize user email addresses in admin confirm user dialog · 608c8001

Drew Blessing authored 2 years ago

Merge branch 'security-dblessing_fix_html_injection_admin_unconfirmed_user-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3332

Changelog: security

608c8001

Merge branch 'security-service-desk-obfuscate-email-api-15-11' into '15-11-stable-ee' · 928ddfc4

GitLab Release Tools Bot authored 2 years ago

Obfuscate email of service desk issue creator in issue REST API

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3316

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Mario Celi <mcelicalderon@gitlab.com>
Co-authored-by: Peter Leitzen <pleitzen@gitlab.com>

928ddfc4

Obfuscate email of service desk issue creator in issue REST API · a092ebc5

Peter Leitzen authored 2 years ago

Merge branch 'security-service-desk-obfuscate-email-api-15-11' into '15-11-stable-ee'

See merge request gitlab-org/security/gitlab!3316

Changelog: security

a092ebc5

Jun 15, 2023
- Update VERSION files · ca9802e3
  GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
  v15.11.9-ee
  
  ca9802e3
- Update changelog for 15.11.9 · 32fe6fab
  GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
  32fe6fab
- Update managed components version to 15.11.9 · a8110804
  GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
  a8110804
Jun 14, 2023

Merge branch '359963-slow-iteration-15-11' into '15-11-stable-ee' · 1d91826b

Alessio Caiazza authored 2 years ago

Slowly iterate MigrateSharedVulnerabilityIdentifiers

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/122856



Merged-by: Alessio Caiazza <acaiazza@gitlab.com>
Approved-by: Raimund Hook <rhook@gitlab.com>
Approved-by: Tianwen Chen <tchen@gitlab.com>
Approved-by: Terri Chu <tchu@gitlab.com>
Reviewed-by: Tianwen Chen <tchen@gitlab.com>
Co-authored-by: Dominic Bauer <dbauer@gitlab.com>

1d91826b

Make MigrateSharedVulnerabilityIdentifiers use slow iteration · 1d91c7b2
Dominic Bauer authored 2 years ago
```
Changelog: changed
EE: true
```
1d91c7b2

Jun 06, 2023

Update VERSION files · 5aa8f83c
GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
v15.11.8-ee

5aa8f83c
Update changelog for 15.11.8 · 5894b25b
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
5894b25b
Update managed components version to 15.11.8 · 15057db7
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
15057db7

Merge branch 'gb-fix-slow-ci-config-15-11' into '15-11-stable-ee' · e16c4d71

Alessio Caiazza authored 2 years ago

Fix memory leak in CI config includes entry

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/122540



Merged-by: Alessio Caiazza <acaiazza@gitlab.com>
Approved-by: Furkan Ayhan <furkanayhn@gmail.com>
Approved-by: Mark Lapierre <mlapierre@gitlab.com>
Approved-by: Grzegorz Bizon <grzegorz@gitlab.com>
Co-authored-by: Grzegorz Bizon <grzesiek.bizon@gmail.com>

e16c4d71

Merge branch 'lfs-batch-presigned-urls-15-11' into '15-11-stable-ee' · b72c3c46

Alessio Caiazza authored 2 years ago

LFS: Serve pre-signed URLs in `/lfs/objects/batch` (backport to 15.11)

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/122348



Merged-by: Alessio Caiazza <acaiazza@gitlab.com>
Approved-by: Grzegorz Bizon <grzegorz@gitlab.com>
Reviewed-by: Kamil Trzciński <ayufan@ayufan.eu>
Co-authored-by: Kamil Trzciński <ayufan@ayufan.eu>

b72c3c46

Merge remote-tracking branch 'security/15-11-stable-ee' into 15-11-stable-ee · 1343d55d
Alessio Caiazza authored 2 years ago

1343d55d