Commits · v16.0.7-jh · gitlab-cn / Gitlab Backup

Jul 06, 2023
- Update VERSION files · 868f1fbd
  JiHu Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
  v16.0.7-jh
  
  868f1fbd
- Update changelog for 16.0.7 · f56069b6
  JiHu Release Tools Bot authored 2 years ago
```
[ci skip]
```
  f56069b6
- Merge branch '16-0-stable-jh-patch-7' into '16-0-stable-jh' · 6cda90a3
  Wenju Liu authored 2 years ago
```
Prepare 16.0.7 release for gitlab-jh

See merge request gitlab-cn/gitlab!1815
```
  6cda90a3
Jul 05, 2023
- Update package.json and yarn.lock · 5685d9a1
  RELEASE_BOT_PRODUCTION_TOKEN authored 2 years ago
  
  5685d9a1
- Merge tag 'v16.0.7-ee' into 16-0-stable-jh-patch-7 · 528092f2
  RELEASE_BOT_PRODUCTION_TOKEN authored 2 years ago
  
  528092f2
Jul 04, 2023

Update VERSION files · 5ed4b9a2
GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
v16.0.7-ee

5ed4b9a2
Update changelog for 16.0.7 · 1485c3e8
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
1485c3e8
Update managed components version to 16.0.7 · 28986e3a
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
28986e3a

Merge branch 'security-416797-fix-auth-issue-16-0' into '16-0-stable-ee' · 25c866ce

Mayra Cabrera authored 2 years ago

Add authorization to the subscriptions group controller

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3380



Merged-by: Mayra Cabrera <mcabrera@gitlab.com>
Approved-by: Doug Stull <dstull@gitlab.com>
Approved-by: Thong Kuah <tkuah@gitlab.com>
Co-authored-by: Doug Stull <dstull@gitlab.com>

25c866ce

Add authorization to the subscriptions group controller · 07fa510b

Ryan Cobb authored 2 years ago

Merge branch 'security-416797-fix-auth-issue-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3380

Changelog: security

07fa510b

Jun 30, 2023
- Update VERSION files · 99b18e5d
  JiHu Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
  v16.0.6-jh
  
  99b18e5d
- Update changelog for 16.0.6 · 8d7a5ce2
  JiHu Release Tools Bot authored 2 years ago
```
[ci skip]
```
  8d7a5ce2
Jun 29, 2023
- Merge branch '16-0-stable-jh-patch-6' into '16-0-stable-jh' · 1a03367a
  Wenju Liu authored 2 years ago
```
Prepare 16.0.6 release for gitlab-jh

See merge request gitlab-cn/gitlab!1791
```
  1a03367a
- Merge tag 'v16.0.6-ee' into 16-0-stable-jh-patch-6 · cfca8a94
  RELEASE_BOT_PRODUCTION_TOKEN authored 2 years ago
  
  cfca8a94
- Merge remote-tracking branch 'dev/16-0-stable-ee' into 16-0-stable-ee · cd518fe5
  GitLab Release Tools Bot authored 2 years ago
  
  cd518fe5
Jun 28, 2023

Update VERSION files · 1ca31874
GitLab Release Tools Bot authored 2 years ago
```
[merge-train skip]
```
v16.0.6-ee

1ca31874
Update changelog for 16.0.6 · 894b4954
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
894b4954
Update managed components version to 16.0.6 · dbbc9499
GitLab Release Tools Bot authored 2 years ago
```
[ci skip]
```
dbbc9499

Merge branch 'revert-' into '16-0-stable-ee' · 412caa4c

John Skarbek authored 2 years ago

Revert 'security-leaked-ci-job-token-permission-16-0' from '16-0'"

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3373



Merged-by: John Skarbek <jskarbek@gitlab.com>
Approved-by: A Browne <abrowne@gitlab.com>
Approved-by: Dominic Couture <dcouture@gitlab.com>
Co-authored-by: Max Fan <mfan@gitlab.com>

412caa4c

Revert 'security-leaked-ci-job-token-permission-16-0' from '16-0'" · 3c4fdbad

Max Fan authored 2 years ago

Merge branch 'revert-98be80c9' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3373

Changelog: security

3c4fdbad

Merge branch 'security-410123-bypass-code-owner-approvals-16-0' into '16-0-stable-ee' · b1d8d045

GitLab Release Tools Bot authored 2 years ago

Use fully qualified ref when loading code owner file

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3355

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: Joe Woodward <jwoodward@gitlab.com>

b1d8d045

Use fully qualified ref when loading code owner file · 69c61fcb

Joe Woodward authored 2 years ago

Merge branch 'security-410123-bypass-code-owner-approvals-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3355

Changelog: security

69c61fcb

Merge branch 'security-410433-confidential-issue-16-0' into '16-0-stable-ee' · d4e32e12

GitLab Release Tools Bot authored 2 years ago

Maintainer can leak masked webhook secrets by manipulating URL masking

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3360

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Luke Duncalfe <lduncalfe@gitlab.com>
Co-authored-by: bmarjanovic <bmarjanovic@gitlab.com>

d4e32e12

Maintainer can leak masked webhook secrets by manipulating URL masking · a3e05501

Bojan Marjanovic authored 2 years ago

Merge branch 'security-410433-confidential-issue-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3360

Changelog: security

a3e05501

Merge branch 'security-fix-907-16-0' into '16-0-stable-ee' · 2fac88e1

GitLab Release Tools Bot authored 2 years ago

Remove approvals when the only commit gets amended

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3367



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Patrick Bajao <ebajao@gitlab.com>
Co-authored-by: David Kim <dkim@gitlab.com>

2fac88e1

Remove approvals when the only commit gets amended · 01e59413

Sincheol (David) Kim authored 2 years ago

Merge branch 'security-fix-907-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3367

Changelog: security

01e59413

Merge branch... · eced93ff

GitLab Release Tools Bot authored 2 years ago

Merge branch 'security-415131-add-authorization-to-failures-action-16-0-stable' into '16-0-stable-ee'

Add authorization validation to GithubController#failures action

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3334

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Mark Chao <mchao@gitlab.com>
Co-authored-by: Rodrigo Tomonari <rtomonari@gitlab.com>

eced93ff

Add authorization validation to GithubController#failures action · 9eab0689

Rodrigo Tomonari authored 2 years ago

Merge branch 'security-415131-add-authorization-to-failures-action-16-0-stable' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3334

Changelog: security

9eab0689

Merge branch 'security-408137-16-0' into '16-0-stable-ee' · 0878d4bd

GitLab Release Tools Bot authored 2 years ago

Fix for fork permissions check in compare controller

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3343

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vasilii Iakliushin <viakliushin@gitlab.com>
Co-authored-by: Robert May <rmay@gitlab.com>

0878d4bd

Fix for fork permissions check in compare controller · da9bb4c7

Robert May authored 2 years ago

Merge branch 'security-408137-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3343

Changelog: security

da9bb4c7

Merge branch 'security-409034-confidential-issue-16-0' into '16-0-stable-ee' · 4c371704

GitLab Release Tools Bot authored 2 years ago

Webhook token leaked in Sidekiq logs if log format is 'default'

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3346

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Roy Zwambag <rzwambag@gitlab.com>
Co-authored-by: bmarjanovic <bmarjanovic@gitlab.com>

4c371704

Webhook token leaked in Sidekiq logs if log format is 'default' · a9835cb7

Bojan Marjanovic authored 2 years ago

Merge branch 'security-409034-confidential-issue-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3346

Changelog: security

a9835cb7

Merge branch 'security-untrusted-epic-reference-16-0' into '16-0-stable-ee' · ae78f8b8

GitLab Release Tools Bot authored 2 years ago

Mitigate epic reference filter ReDOS

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3340



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Vitali Tatarintev <vtatarintev@gitlab.com>
Co-authored-by: Brett Walker <bwalker@gitlab.com>

ae78f8b8

Mitigate epic reference filter ReDOS · c8046028

Brett Walker authored 2 years ago

Merge branch 'security-untrusted-epic-reference-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3340

Changelog: security

c8046028

Merge branch 'security-leaked-ci-job-token-permission-16-0' into '16-0-stable-ee' · 98be80c9

GitLab Release Tools Bot authored 2 years ago

Increasing security for CI_JOB_TOKEN on public and internal projects

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3318

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: A Browne <abrowne@gitlab.com>
Co-authored-by: Max Fan <mfan@gitlab.com>

98be80c9

Increasing security for CI_JOB_TOKEN on public and internal projects · b67db0cd

Max Fan authored 2 years ago

Merge branch 'security-leaked-ci-job-token-permission-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3318

Changelog: security

b67db0cd

Merge branch 'security_cablett_414269_16-0-fix_value_streams' into '16-0-stable-ee' · ae0d8675

GitLab Release Tools Bot authored 2 years ago

Adjust access to value stream create, edit and destroy actions

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3321



Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Felipe Artur <fcardozo@gitlab.com>
Co-authored-by: cablett <cablett@gitlab.com>
Co-authored-by: Adam Hegyi <ahegyi@gitlab.com>

ae0d8675

Adjust access to value stream create, edit and destroy actions · ee20f3f3

charlie ablett authored 2 years ago

Merge branch 'security_cablett_414269_16-0-fix_value_streams' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3321

Changelog: security

ee20f3f3

Merge branch... · 35ce0fd2

GitLab Release Tools Bot authored 2 years ago

Merge branch 'security-dblessing_fix_html_injection_admin_unconfirmed_user-16-0' into '16-0-stable-ee'

Sanitize user email addresses in admin confirm user dialog

See merge request https://gitlab.com/gitlab-org/security/gitlab/-/merge_requests/3331

Merged-by: GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>
Approved-by: Kassio Borges <kborges@gitlab.com>
Co-authored-by: Drew Blessing <drew@gitlab.com>

35ce0fd2

Sanitize user email addresses in admin confirm user dialog · 545e0913

Drew Blessing authored 2 years ago

Merge branch 'security-dblessing_fix_html_injection_admin_unconfirmed_user-16-0' into '16-0-stable-ee'

See merge request gitlab-org/security/gitlab!3331

Changelog: security

545e0913