3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

46 commits

Author SHA1 Message Date
Florian Klink 0a87568b03 gitlab: 12.7.5 -> 12.7.6 2020-02-13 22:18:27 +01:00
Florian Klink 0142bd49cc gitlab: 12.7.4 -> 12.7.5
https://about.gitlab.com/releases/2020/01/31/gitlab-12-7-5-released/
2020-02-01 17:07:55 +01:00
Florian Klink cb02372211 gitlab: 12.6.4 -> 12.7.4
- CVE-2020-7966
 - CVE-2020-8114
 - CVE-2020-7973
 - CVE-2020-6833
 - CVE-2020-7971
 - CVE-2020-7967
 - CVE-2020-7972
 - CVE-2020-7968
 - CVE-2020-7979
 - CVE-2020-7969
 - CVE-2020-7978
 - CVE-2020-7974
 - CVE-2020-7977
 - CVE-2020-7976
 - CVE-2019-16779
 - CVE-2019-18978
 - CVE-2019-16892
2020-01-31 12:34:57 +01:00
Florian Klink 57560cc028 gitlab: 12.6.2 -> 12.6.4 2020-01-13 21:49:34 +01:00
Florian Klink d075e33bf5 gitlab: 12.6.1 -> 12.6.2
- CVE-2019-20146
 - CVE-2019-20143
 - CVE-2019-20147
 - CVE-2019-20145
 - CVE-2019-20142
 - CVE-2019-20148
 - CVE-2020-5197
2020-01-02 23:09:53 +01:00
talyz 0825e382c0 gitlab: 12.6.0 -> 12.6.1 2019-12-28 14:00:04 +01:00
talyz ff28cfa6d3 gitlab: 12.5.5 -> 12.6.0 2019-12-23 00:39:33 +01:00
talyz 7d602d3d36 gitlab: 12.5.4 -> 12.5.5 2019-12-17 22:18:10 +01:00
Florian Klink 5bf07d665f gitlab: 12.5.3 -> 12.5.4
https://about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/

Insufficient parameter sanitization for Maven package registry could lead to privilege escalation and remote code execution vulnerabilities under certain conditions. The issue is now mitigated in the latest release and is assigned CVE-2019-19628.

When transferring a public project to a private group, private code would be disclosed via the Group Search API provided by Elasticsearch integration. The issue is now mitigated in the latest release and is assigned CVE-2019-19629.

The Git dependency has been upgraded to 2.22.2 in order to apply security fixes detailed here.

CVE-2019-19604 was identified by the GitLab Security Research team. For more information on that issue, please visit the GitLab Security Research Advisory

closes #75506.
2019-12-11 15:16:36 +01:00
Milan Pässler a43003d633 gitlab: 12.5.2 -> 12.5.3 2019-12-04 11:30:40 +01:00
Florian Klink 00f4760cdc gitlab: 12.5.0 -> 12.5.2 2019-11-28 00:17:30 +01:00
talyz ce2aa10765 gitlab: 12.4.3 -> 12.5.0 2019-11-26 17:32:01 +01:00
Milan Pässler f53fe02ff0 gitlab: 12.4.2 -> 12.4.3 2019-11-21 09:35:56 +00:00
talyz a779d7751e gitlab: 12.4.1 -> 12.4.2 2019-11-06 10:56:20 +01:00
talyz 2e8417b52a gitlab: 12.4.0 -> 12.4.1 2019-10-31 18:55:08 +01:00
talyz 5081a6cd56 gitlab: 12.3.5 -> 12.4.0
- gitlab-shell no longer requires ruby for anything else than the
  install script, so the bundlerEnv stuff could be dropped

- gitlab-shell and gitlab-workhorse now report their versions
  correctly
2019-10-28 14:56:37 +01:00
talyz 9be76d0b6a gitlab: 12.3.4 -> 12.3.5 2019-10-08 16:35:50 +02:00
talyz afa3abf632 gitlab: Refactor for new repo structure
GitLab recently restructured their repos; whereas previously they had
one gitlab-ce and one gitlab-ee repo, they're now one and the
same. All proprietary components are put into the ee subdirectory -
removing it gives us the foss / community version of GitLab. For more
info, see
https://about.gitlab.com/2019/02/21/merging-ce-and-ee-codebases/

This gives us the opportunity to simplify things quite a bit, since we
don't have to keep track of two separate versions of either the base
data or rubyEnv.
2019-10-08 15:52:11 +02:00
talyz f3eb063ecf gitlab: 12.1.6 -> 12.3.4
- Update GitLab to 12.3.4

- Update update.py to cope with the new upstream repository structure

- Refactor gitlab-shell to use buildGoPackage and bundlerEnv for
  dependencies

- Refactor gitlab-workhorse to use buildGoPackage for dependencies

- Make update.py able to update gitlab-shell and gitlab-workhorse
  dependencies

- Various fixes necessary for update to work
2019-10-04 18:03:05 +02:00
Florian Klink 362076c581 gitlab-ee: 12.0.3 -> 12.1.6 2019-08-14 14:51:59 +02:00
Florian Klink 8ce1c4c26a gitlab-ce: 12.0.3 -> 12.1.6 2019-08-14 14:51:00 +02:00
Ben Gamari 363b352af3 gitlab: 11.10.8 -> 12.0.3
This is a major version bump but things were generally straightforward
save two wrinkles:

 * it is necessary to ignore collisions in the gitlab bundler
   environment as both `omniauth_oauth2_generic` and
   `apollo_upload_server` provide a `console` executable.

 * grpc had to be patched since its build system expects the `AR`
   environment variable to contain not just the path to `ar` but
   also the `rpc` flags (see the discussion in nixpkgs #63056).
2019-07-14 23:03:39 +02:00
Florian Klink 580be224c7 gitlab-ee: 11.10.5 -> 11.10.8 2019-07-05 00:44:10 +02:00
Florian Klink c57a9d7f9a gitlab-ce: 11.10.5 -> 11.10.8 2019-07-05 00:44:10 +02:00
Marek Mahut bf01a3ba94 gitlab: 11.10.4 -> 11.10.5 2019-06-13 01:45:13 +02:00
Florian Klink d237c8a182 gitlab-ee: 11.9.11 -> 11.10.4 2019-05-03 20:22:08 +02:00
Florian Klink 02124aa8fb gitlab-ce: 11.9.11 -> 11.10.4 2019-05-03 20:21:55 +02:00
Florian Klink 5d6f6d5d94 gitlab-ee: 11.9.8 -> 11.9.11 2019-05-01 14:48:58 +02:00
Florian Klink b9df035cb7 gitlab-ce: 11.9.8 -> 11.9.11 2019-05-01 14:48:27 +02:00
Florian Klink 33423e52c6 gitlab-ee: 11.9.1 -> 11.9.8 2019-04-22 23:41:32 +02:00
Florian Klink 04b5eb10c0 gitlab-ce: 11.9.1 -> 11.9.8 2019-04-22 23:41:32 +02:00
Florian Klink ec319793b4 gitlab: 11.9.0 -> 11.9.1 2019-03-26 21:00:04 +01:00
Ben Gamari d8c16f11a6 gitlab: 11.8.2 -> 11.9.0 2019-03-25 15:25:11 -04:00
Ben Gamari 0ba98bb64c gitlab: 11.7.5 -> 11.8.2 2019-03-25 15:25:06 -04:00
Florian Klink f4a7c16bd9 gitlab-ee: 11.7.4 -> 11.7.5 2019-02-17 13:43:52 +01:00
Florian Klink 7f6351a21d gitlab: 11.7.4 -> 11.7.5 2019-02-17 13:43:38 +01:00
Jeff Slight 8c043d3c7b gitlab: 11.6.3 -> 11.7.4 2019-02-06 00:30:29 +01:00
Robin Gloster 8fac37db00
gitlab: 11.6.0 -> 11.6.3 2019-01-07 20:08:15 +01:00
Florian Klink 4d7ce7a605 gitlab-ee: 11.5.5 -> 11.6.0 2018-12-25 15:25:45 +01:00
Florian Klink 7ea6bde0ae gitlab-ce: 11.5.5 -> 11.6.0 2018-12-25 15:25:45 +01:00
Florian Klink 236cb26954 gitlab-ee: 11.5.4 -> 11.5.5
CVE-2018-20229, https://about.gitlab.com/2018/12/20/critical-security-release-gitlab-11-dot-5-dot-5-released/
2018-12-24 03:48:18 +01:00
Florian Klink 6397fd3e71 gitlab-ce: 11.5.4 -> 11.5.5
CVE-2018-20229, https://about.gitlab.com/2018/12/20/critical-security-release-gitlab-11-dot-5-dot-5-released/
2018-12-24 03:48:18 +01:00
Florian Klink 1812014215 gitlab-ee: 11.5.1 -> 11.5.4 2018-12-16 19:47:35 +01:00
Florian Klink 4175f62a43 gitlab-ce: 11.5.1 -> 11.5.4 2018-12-16 19:47:35 +01:00
Robin Gloster 88b63b2505
gitlab: 11.5.0 -> 11.5.1 2018-12-04 21:27:23 +01:00
Florian Klink 625e66d879 gitlab: 11.4.4 -> 11.5.0, add data.json, make default.nix use it 2018-11-23 17:59:07 +01:00