提交 · 88f00c714cc69121b831d0324cfd3d4956529e01 · 李少辉-开发者 / gitlab-foss

11 10月, 2019 1 次提交
- S
  
  Sanitize search text to prevent XSS · 88f00c71
  由 samantha-dev 提交于 9月 27, 2019
  
  88f00c71
07 10月, 2019 3 次提交
- G
  
  Merge remote-tracking branch 'dev/12-1-stable' into 12-1-stable · 3e2d0afa
  由 GitLab Release Tools Bot 提交于 10月 07, 2019
  
  3e2d0afa
- G
  
  Update VERSION to 12.1.14 · ef8aaefd
  由 GitLab Release Tools Bot 提交于 10月 07, 2019
  
  ef8aaefd
- G
  Update CHANGELOG.md for 12.1.14 · 6e62be75
  由 GitLab Release Tools Bot 提交于 10月 07, 2019
```
[ci skip]
```
  6e62be75
02 10月, 2019 3 次提交
- G
  
  Merge remote-tracking branch 'dev/12-1-stable' into 12-1-stable · ed21ca8e
  由 GitLab Release Tools Bot 提交于 10月 02, 2019
  
  ed21ca8e
- G
  
  Update VERSION to 12.1.13 · c6128d82
  由 GitLab Release Tools Bot 提交于 10月 01, 2019
  
  c6128d82
- G
  Update CHANGELOG.md for 12.1.13 · 6317d49c
  由 GitLab Release Tools Bot 提交于 10月 01, 2019
```
[ci skip]
```
  6317d49c
01 10月, 2019 3 次提交

M
Merge branch 'security-29491-12-1-ce' into '12-1-stable' · cdfcbb00
由 Marin Jankovski 提交于 10月 01, 2019
```
Fix private feature Elasticsearch leak

See merge request gitlab/gitlabhq!3452
```
cdfcbb00

EE port: Fix private feature Elasticsearch leak · ccb6a5a5

由 Mark Chao 提交于 9月 16, 2019

Add spec to test different combinations.
Accept string for required_minimum_access_level
Allow more flexible project membership query

ccb6a5a5

Merge branch 'fix_expired_gpg_key_specs' into 'master' · f84dc8c1

由 Stan Hu 提交于 9月 29, 2019

Fix broken specs : Generate new GPG key in place of expired one

Closes #32956

See merge request gitlab-org/gitlab!17853

f84dc8c1

27 9月, 2019 2 次提交
- G
  
  Update VERSION to 12.1.12 · fd62f3a1
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
  
  fd62f3a1
- G
  Update CHANGELOG.md for 12.1.12 · e728ba7e
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
[ci skip]
```
  e728ba7e
26 9月, 2019 12 次提交
- G
  Merge branch 'security-gitaly-1-53-4' into '12-1-stable' · 47949f6a
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.53.4]

See merge request gitlab/gitlabhq!3435
```
  47949f6a
- G
  Merge branch 'security-sarcila-verify-saml-request-origin-12-1' into '12-1-stable' · 1791e3e6
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Check that SAML identity linking validates the origin of the request

See merge request gitlab/gitlabhq!3376
```
  1791e3e6
- G
  Merge branch 'security-xss-mermaid-12-1' into '12-1-stable' · 65a022ad
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Gitlab XSS in markdown preview page

See merge request gitlab/gitlabhq!3400
```
  65a022ad
- G
  Merge branch... · 254b09ef
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Merge branch 'security-12717-fix-confidential-issue-assignee-visible-to-guests-12-1' into '12-1-stable'

Display only participants that user has permission to see

See merge request gitlab/gitlabhq!3403
```
  254b09ef
- G
  Merge branch 'security-bypass-email-verification-using-salesforce-12-1' into '12-1-stable' · 116fb15b
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Prevent Bypassing Email Verification using Salesforce

See merge request gitlab/gitlabhq!3407
```
  116fb15b
- G
  Merge branch 'security-mermaid-block-12-1' into '12-1-stable' · 84fd8316
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Only render fixed number of mermaid blocks

See merge request gitlab/gitlabhq!3413
```
  84fd8316
- G
  Merge branch 'security-12718-project-milestones-disclosed-via-groups-12-1-ce' into '12-1-stable' · 61d21609
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Hide disabled project milestones in project settings on group level

See merge request gitlab/gitlabhq!3416
```
  61d21609
- G
  Merge branch 'security-64938-dont-disclose-path-12-1-ce' into '12-1-stable' · 18771468
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Redirect user to root path after unsubscribing from private resource

See merge request gitlab/gitlabhq!3418
```
  18771468
- G
  Merge branch 'security-12630-private-system-note-disclosed-in-graphql-12-1-ce' into '12-1-stable' · f6fce08b
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Add policy check if cross reference system notes are accessible

See merge request gitlab/gitlabhq!3428
```
  f6fce08b
- G
  Merge branch 'security-fp-stop-jobs-when-blocking-user-12-1' into '12-1-stable' · 142522c9
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Cancel all running CI jobs when user is blocked

See merge request gitlab/gitlabhq!3438
```
  142522c9
- G
  Merge branch 'security-cross-reference-fix-ce-12-1' into '12-1-stable' · d3f758ab
  由 GitLab Release Tools Bot 提交于 9月 26, 2019
```
Filter not accessible label events

See merge request gitlab/gitlabhq!3442
```
  d3f758ab
- A
  
  Hide disabled project milestones in project settings on group level · 6ce5368d
  由 Alexandru Croitor 提交于 9月 13, 2019
  
  6ce5368d
25 9月, 2019 3 次提交
- A
  
  Add policy check if cross reference system notes are accessible · c01ad00e
  由 Alexandru Croitor 提交于 9月 18, 2019
  
  c01ad00e
- P
  
  Fix Gitaly SearchBlobs flag RPC injection · e0befbdc
  由 Paul Okstad 提交于 9月 23, 2019
  
  e0befbdc
- K
  Merge branch 'ss/fix-sast-failure-on-master-ee' into 'master' · 0be35b49
  由 Kushal Pandya 提交于 9月 02, 2019
```
Add argument to catch

See merge request gitlab-org/gitlab-ee!15911
```
  0be35b49
24 9月, 2019 2 次提交

Filter not accessible label events · a7a6a074

由 Jan Provaznik 提交于 9月 17, 2019

Label events may use cross-project or cross-group references,
if the projects are not accessible by user, we don't show these
label events.

a7a6a074

Cancel all running CI jobs when user is blocked · eb1c5b57

由 Fabio Pitino 提交于 9月 13, 2019

This prevents a MITM attack where attacker could
still access Git repository if any jobs were
running long enough.

eb1c5b57

20 9月, 2019 4 次提交
- A
  
  Display only participants that user has permission to see · 4ffd8efd
  由 Alexandru Croitor 提交于 9月 06, 2019
  
  4ffd8efd
- A
  Redirect user to root path after unsubscribing from private resource · f991af9a
  由 Alexandru Croitor 提交于 9月 10, 2019
```
If user unsubsrcribes from a resource that they no longer have
access to they should not be revealed the resource path, but be
redirected to app root instead.

https://gitlab.com/gitlab-org/gitlab-ce/issues/64938
```
  f991af9a
- G
  
  Update VERSION to 12.1.11 · 2e08a701
  由 GitLab Release Tools Bot 提交于 9月 19, 2019
  
  2e08a701
- G
  Update CHANGELOG.md for 12.1.11 · 3667ca90
  由 GitLab Release Tools Bot 提交于 9月 19, 2019
```
[ci skip]
```
  3667ca90
19 9月, 2019 6 次提交
- G
  
  Update VERSION to 12.1.10 · c011b445
  由 GitLab Release Tools Bot 提交于 9月 19, 2019
  
  c011b445
- G
  Update CHANGELOG.md for 12.1.10 · 6c82fea5
  由 GitLab Release Tools Bot 提交于 9月 19, 2019
```
[ci skip]
```
  6c82fea5
- J
  Merge branch '12-1-stable-patch-10' into '12-1-stable' · 18b968b3
  由 John Jarvis 提交于 9月 19, 2019
```
Prepare 12.1.10 release

See merge request gitlab-org/gitlab-foss!32979
```
  18b968b3
- M
  Merge branch 'sh-fix-captcha-state-pollution-spec' into 'master' · 216a6b4f
  由 Mayra Cabrera 提交于 9月 06, 2019
```
Fix order-dependent spec failures with reCAPTCHA

Closes #67133

See merge request gitlab-org/gitlab-ce!32771
```
  216a6b4f
- R
  
  Only render fixed number of mermaid blocks · 308ab9fb
  由 Rajat Jain 提交于 9月 13, 2019
  
  308ab9fb
- J
  Merge branch 'sh-fix-no-downtime-upgrades-ce' into '12-1-stable-patch-10' · 7dc637c1
  由 John Jarvis 提交于 9月 19, 2019
```
[12-1-stable] Re-add ignore_column for import columns

See merge request gitlab-org/gitlab-foss!32977
```
  7dc637c1
18 9月, 2019 1 次提交

Re-add ignore_column for import columns · 55bdab49

由 Stan Hu 提交于 6月 23, 2019

This `ignore_column` was present for a while but recently removed, but
to ensure we don't get error 500s let's keep it for a while.

55bdab49