Commits · 1425a56c75beecaa289ad59587d636f8f469509e · nexedi / gitlab-ce

22 Oct, 2019 3 commits
- Update VERSION to 12.4.0 · 1425a56c
  GitLab Release Tools Bot authored Oct 22, 2019
  
  1425a56c
- Update CHANGELOG.md for 12.4.0 · ee8d1cf6
  GitLab Release Tools Bot authored Oct 22, 2019
```
[ci skip]
```
  ee8d1cf6
- Add latest changes from gitlab-org/gitlab@12-4-stable-ee · 905c1110
  GitLab Bot authored Oct 22, 2019
  
  905c1110
07 Oct, 2019 3 commits
- Merge remote-tracking branch 'dev/12-3-stable' into 12-3-stable · 50d93f8d
  GitLab Release Tools Bot authored Oct 07, 2019
  
  50d93f8d
- Update VERSION to 12.3.5 · 2417d5be
  GitLab Release Tools Bot authored Oct 07, 2019
  
  2417d5be
- Update CHANGELOG.md for 12.3.5 · c173e2ec
  GitLab Release Tools Bot authored Oct 07, 2019
```
[ci skip]
```
  c173e2ec
02 Oct, 2019 4 commits
- Merge branch '33216-quarantine-ECDSA' into 'master' · 7a89e5df
  Rémy Coutable authored Oct 02, 2019
```
Quarantine some ECDSA related tests due to bumping openssl

See merge request gitlab-org/gitlab!18016
```
  7a89e5df
- Update VERSION to 12.3.4 · f33961a3
  GitLab Release Tools Bot authored Oct 02, 2019
  
  f33961a3
- Update CHANGELOG.md for 12.3.4 · 8552d568
  GitLab Release Tools Bot authored Oct 02, 2019
```
[ci skip]
```
  8552d568
- Merge remote-tracking branch 'dev/12-3-stable' into 12-3-stable · cb02fbc6
  GitLab Release Tools Bot authored Oct 02, 2019
  
  cb02fbc6
01 Oct, 2019 4 commits
- Update VERSION to 12.3.3 · ab531f31
  GitLab Release Tools Bot authored Oct 01, 2019
  
  ab531f31
- Update CHANGELOG.md for 12.3.3 · e0eebfc0
  GitLab Release Tools Bot authored Oct 01, 2019
```
[ci skip]
```
  e0eebfc0
- Merge branch 'security-29491-12-3-ce' into '12-3-stable' · d33e95ae
  Marin Jankovski authored Oct 01, 2019
```
Fix private feature Elasticsearch leak

See merge request gitlab/gitlabhq!3450
```
  d33e95ae
- EE port: Fix private feature Elasticsearch leak · f1325611
  Mark Chao authored Sep 16, 2019
```
Add spec to test different combinations.
Accept string for required_minimum_access_level
Allow more flexible project membership query
```
  f1325611
30 Sep, 2019 1 commit

Merge branch 'fix_expired_gpg_key_specs' into 'master' · 5a54a8d9

Stan Hu authored Sep 29, 2019

Fix broken specs : Generate new GPG key in place of expired one

Closes #32956

See merge request gitlab-org/gitlab!17853

5a54a8d9

26 Sep, 2019 12 commits
- Update VERSION to 12.3.2 · d3cda7c1
  GitLab Release Tools Bot authored Sep 26, 2019
  
  d3cda7c1
- Update CHANGELOG.md for 12.3.2 · fa496b64
  GitLab Release Tools Bot authored Sep 26, 2019
```
[ci skip]
```
  fa496b64
- Merge branch 'security-gitaly-1-65-1' into '12-3-stable' · 40a93ab0
  GitLab Release Tools Bot authored Sep 26, 2019
```
Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.65.1]

See merge request gitlab/gitlabhq!3433
```
  40a93ab0
- Merge branch 'security-bypass-email-verification-using-salesforce' into '12-3-stable' · 8f2372d5
  GitLab Release Tools Bot authored Sep 26, 2019
```
Prevent Bypassing Email Verification using Salesforce

See merge request gitlab/gitlabhq!3395
```
  8f2372d5
- Merge branch 'security-sarcila-verify-saml-request-origin-12-3' into '12-3-stable' · fc921391
  GitLab Release Tools Bot authored Sep 26, 2019
```
Check that SAML identity linking validates the origin of the request

See merge request gitlab/gitlabhq!3396
```
  fc921391
- Merge branch 'security-mermaid-block' into '12-3-stable' · a31eb11c
  GitLab Release Tools Bot authored Sep 26, 2019
```
Only render fixed number of mermaid blocks

See merge request gitlab/gitlabhq!3411
```
  a31eb11c
- Merge branch... · 9c86027e
  GitLab Release Tools Bot authored Sep 26, 2019
```
Merge branch 'security-12717-fix-confidential-issue-assignee-visible-to-guests-12-3' into '12-3-stable'

Display only participants that user has permission to see

See merge request gitlab/gitlabhq!3421
```
  9c86027e
- Merge branch 'security-64938-dont-disclose-path-12-3-ce' into '12-3-stable' · f15977b0
  GitLab Release Tools Bot authored Sep 26, 2019
```
Redirect user to root path after unsubscribing from private resource

See merge request gitlab/gitlabhq!3423
```
  f15977b0
- Merge branch 'security-12718-project-milestones-disclosed-via-groups-12-3-ce' into '12-3-stable' · 020df25c
  GitLab Release Tools Bot authored Sep 26, 2019
```
Hide disabled project milestones in project settings on group level

See merge request gitlab/gitlabhq!3424
```
  020df25c
- Merge branch 'security-12630-private-system-note-disclosed-in-graphql-12-3-ce' into '12-3-stable' · 42902b2f
  GitLab Release Tools Bot authored Sep 26, 2019
```
Add policy check if cross reference system notes are accessible

See merge request gitlab/gitlabhq!3426
```
  42902b2f
- Merge branch 'security-fp-stop-jobs-when-blocking-user-12-3' into '12-3-stable' · 7224fd1c
  GitLab Release Tools Bot authored Sep 26, 2019
```
Cancel all running CI jobs when user is blocked

See merge request gitlab/gitlabhq!3436
```
  7224fd1c
- Merge branch 'security-cross-reference-fix-ce-12-3' into '12-3-stable' · e5ba7aae
  GitLab Release Tools Bot authored Sep 26, 2019
```
Filter not accessible label events

See merge request gitlab/gitlabhq!3440
```
  e5ba7aae
25 Sep, 2019 1 commit
- Reduce change in locale file · f5545576
  Małgorzata Ksionek authored Sep 25, 2019
  
  f5545576
24 Sep, 2019 5 commits
- Filter not accessible label events · bc22ef7b
  Jan Provaznik authored Sep 17, 2019
```
Label events may use cross-project or cross-group references,
if the projects are not accessible by user, we don't show these
label events.
```
  bc22ef7b
- Update VERSION to 12.3.1 · 3440d0f6
  GitLab Release Tools Bot authored Sep 24, 2019
  
  3440d0f6
- Update CHANGELOG.md for 12.3.1 · 3e8a76e6
  GitLab Release Tools Bot authored Sep 24, 2019
```
[ci skip]
```
  3e8a76e6
- Add latest changes from gitlab-org/gitlab@12-3-stable-ee · c223f8a1
  GitLab Bot authored Sep 24, 2019
  
  c223f8a1
- Cancel all running CI jobs when user is blocked · 90466e70
  Fabio Pitino authored Sep 13, 2019
```
This prevents a MITM attack where attacker could
still access Git repository if any jobs were
running long enough.
```
  90466e70
23 Sep, 2019 6 commits
- Fix Gitaly SearchBlobs flag RPC injection · 8ab6f666
  Paul Okstad authored Sep 23, 2019
  
  8ab6f666
- Add policy check if cross reference system notes are accessible · e82f50d0
  Alexandru Croitor authored Sep 18, 2019
  
  e82f50d0
- Hide disabled project milestones in project settings on group level · f37b0cd6
  Alexandru Croitor authored Sep 13, 2019
  
  f37b0cd6
- Redirect user to root path after unsubscribing from private resource · a4e04c4c
  Alexandru Croitor authored Sep 10, 2019
```
If user unsubsrcribes from a resource that they no longer have
access to they should not be revealed the resource path, but be
redirected to app root instead.

https://gitlab.com/gitlab-org/gitlab-ce/issues/64938
```
  a4e04c4c
- Add checking for email_verified key · 6ce2e6df
  Małgorzata Ksionek authored Sep 04, 2019
```
Fix rubocop offences and add changelog

Add email_verified key for feature specs

Add code review remarks

Add code review remarks

Fix specs
```
  6ce2e6df
- Display only participants that user has permission to see · d7cccb19
  Alexandru Croitor authored Sep 06, 2019
  
  d7cccb19
20 Sep, 2019 1 commit
- Update VERSION to 12.3.0 · 7099ecf7
  GitLab Release Tools Bot authored Sep 20, 2019
  
  7099ecf7