- 29 Jun, 2022 26 commits
-
-
GitLab Release Tools Bot authored
Escape deploy key title to prevent XSS See merge request gitlab-org/security/gitlab!2494
-
Kushal Pandya authored
Merge branch 'security-escape-deploy-key-title-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2494 Changelog: security
-
GitLab Release Tools Bot authored
Sanitize ZenTao breadcrumb links See merge request gitlab-org/security/gitlab!2557
-
Luke Duncalfe authored
Merge branch 'security-360540-zentao-xss-links-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2557 Changelog: security
-
GitLab Release Tools Bot authored
Fix permissions in the project labels API See merge request gitlab-org/security/gitlab!2534
-
Heinrich Lee Yu authored
Merge branch 'security-357963-prevent-editing-group-labels-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2534 Changelog: security
-
GitLab Release Tools Bot authored
Security fix sentry issue leaks and access level check See merge request gitlab-org/security/gitlab!2501
-
Adam Hegyi authored
Merge branch 'security-fix-sentry-issue-leaks-and-access-level-check-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2501 Changelog: security
-
GitLab Release Tools Bot authored
Check permissions before exposing user two factor enabled See merge request gitlab-org/security/gitlab!2525
-
Drew Blessing authored
Merge branch 'security-dblessing_2fa_member_status-15-0-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2525 Changelog: security
-
GitLab Release Tools Bot authored
Filter milestone release by user access See merge request gitlab-org/security/gitlab!2537
-
Vladimir Shushlin authored
Merge branch 'security-group-milestone-releases-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2537 Changelog: security
-
GitLab Release Tools Bot authored
Fix the required access level in the Conan packages finder See merge request gitlab-org/security/gitlab!2485
-
David Fernandez authored
Merge branch 'security-conan-packages-finder-min-access-level-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2485 Changelog: security
-
GitLab Release Tools Bot authored
Allow inviting only groups with subset of allowed domains to groups See merge request gitlab-org/security/gitlab!2512
-
Abdul Wadood authored
Merge branch 'security-validate-allowed-email-domains-on-group-invite-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2512 Changelog: security
-
GitLab Release Tools Bot authored
Fix open redirect vulnerability See merge request gitlab-org/security/gitlab!2540
-
Andy Soiron authored
Merge branch 'security-fix-open-redirect-vulnerability-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2540 Changelog: security
-
GitLab Release Tools Bot authored
Adds a filter based on user access to Runner jobs endpoint See merge request gitlab-org/security/gitlab!2497
-
Laura Montemayor authored
Merge branch 'security-list-runner-jobs-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2497 Changelog: security
-
GitLab Release Tools Bot authored
Prevent runners from picking IP restricted jobs See merge request gitlab-org/security/gitlab!2503
-
Marius Bobin authored
Merge branch 'security-682-jobs-with-restricted-ip-addresses-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2503 Changelog: security
-
GitLab Release Tools Bot authored
Restrict CI lint access to pipeline creators See merge request gitlab-org/security/gitlab!2515
-
Avielle Wolfe authored
Merge branch 'security-aw-355738-restrict-ci-config-access-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2515 Changelog: security
-
GitLab Release Tools Bot authored
Catch endless headers when reading HTTP responses See merge request gitlab-org/security/gitlab!2529
-
Markus Koller authored
Merge branch 'security-fix-http-endless-headers-dos-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2529 Changelog: security
-
- 15 Jun, 2022 1 commit
-
-
Alessio Caiazza authored
Remove JWT deprecation announcement in 14.10 See merge request gitlab-org/gitlab!89492
-
- 08 Jun, 2022 1 commit
-
-
Vlad Mihai authored
-
- 01 Jun, 2022 12 commits
-
-
GitLab Release Tools Bot authored
-
GitLab Release Tools Bot authored
[merge-train skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
GitLab Release Tools Bot authored
[ci skip]
-
Alessio Caiazza authored
Fix IP restrictions not applying to deploy tokens See merge request gitlab-org/security/gitlab!2471
-
Stan Hu authored
Merge branch 'security-security/sh-deploy-token-ip-fix-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2471 Changelog: security
-
GitLab Release Tools Bot authored
Trigger token should respect group IP restrictions See merge request gitlab-org/security/gitlab!2478
-
Thong Kuah authored
Merge branch 'security-security_trigger_ip_restrictions-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2478 Changelog: security
-
GitLab Release Tools Bot authored
Fix content injection in Jira issue title See merge request gitlab-org/security/gitlab!2464
-
Markus Koller authored
Merge branch 'security-674-fix-jira-content-injection-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2464 Changelog: security
-
GitLab Release Tools Bot authored
Subgroup member can list members of parent group See merge request gitlab-org/security/gitlab!2480
-
Manoj M J authored
Merge branch 'security-subgroup-member-list-parent-group-member-14-10' into '14-10-stable-ee' See merge request gitlab-org/security/gitlab!2480 Changelog: security
-
