Commit Graph

52 Commits

Author SHA1 Message Date
Robin Gloster
231f434a4d
gitlab: 10.3.3 -> 10.3.4
Fixes:
 - CVE-2017-0915
 - CVE-2018-3710
 - CVE-2017-0918
 - CVE-2017-0923
 - CVE-2017-0925
 - CVE-2017-0926
 - CVE-2017-0924
 - CVE-2017-0914
 - CVE-2017-0916
 - CVE-2017-0917
 - CVE-2017-0927
 - CVE-2017-0922

See https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
for details.
2018-01-17 01:46:41 +01:00
Robin Gloster
1c5fd46d6c
gitlab: 10.1.1 -> 10.3.3 2018-01-07 05:02:53 +01:00
Servilio Afre Puentes
f2ac5e0acf gitlab: 10.0.2 -> 10.1.1 2017-11-06 14:50:53 -05:00
Markus Mueller
60b0db0e08
gitlab: link tmp/ directory to writable path 2017-10-16 14:58:02 +02:00
Robin Gloster
57ed9e7e1d
gitlab: 9.5.5 -> 10.0.2 2017-09-28 23:14:31 +02:00
Robin Gloster
e2822f6384
gitlab: 9.5.2 -> 9.5.5 2017-09-21 20:26:12 +02:00
Franz Pletz
2f48144d0e
gitlab: 9.4.5 -> 9.5.2 2017-09-03 15:50:52 +02:00
Robin Gloster
7c07807949
gitlab: unbreak 2017-09-02 23:23:09 +02:00
roblabla
55bc0c3836 gitlab: 9.4.3 -> 9.4.5 2017-08-25 16:14:11 +02:00
roblabla
259970d26e gitlab: Fix packaging, compile gettext files before assets 2017-08-25 16:14:05 +02:00
roblabla
05b8879464 gitlab: Mark as broken 2017-08-06 16:38:19 +02:00
roblabla
8975d153a0 gitlab: 9.3.4 -> 9.4.3 2017-08-06 16:30:49 +02:00
roblabla
0c7c421baa gitlab: 8.17.6 -> 9.3.4 2017-07-06 13:29:49 +02:00
Franz Pletz
48996dba46
gitlab: fix build, add nokogiri exception to Gemfile.lock 2017-06-07 06:55:39 +02:00
Franz Pletz
326efe5fdc
gitlab: 8.17.5 -> 8.17.6
Security release: https://about.gitlab.com/2017/05/08/gitlab-9-dot-1-dot-3-security-release/
2017-05-09 18:19:38 +02:00
Franz Pletz
d3ef8dc633
gitlab: 8.17.4 -> 8.17.5
Fixes security issues:

  https://about.gitlab.com/2017/04/05/gitlab-9-dot-0-dot-4-security-release/
2017-04-06 21:04:22 +02:00
Franz Pletz
219e91b4c6
gitlab: add rake task to delete tokens
The information disclosure was caued by CVE-2017-0882.
2017-03-21 13:16:54 +01:00
Franz Pletz
29f57ac447
gitlab: 8.16.6 -> 8.17.4 for CVE-2017-0882 2017-03-21 13:16:31 +01:00
Franz Pletz
c302cb4910
gitlab: 8.16.4 -> 8.16.6 2017-02-20 21:53:17 +01:00
Eelco Dolstra
314dd9215b Merge pull request #16654 from awakenetworks/parnell/setcap-wrappers
Adding setcap-wrapper functionality to Nix
2017-02-14 16:25:06 +01:00
Tristan Helmich
8d853d0190 gitlab: 8.16.3 -> 8.16.4 2017-02-14 11:16:36 +01:00
Parnell Springmeyer
9e36a58649
Merging against upstream master 2017-02-13 17:16:28 -06:00
Franz Pletz
e07f1f2066
gitlab: 8.16.1 -> 8.16.3 2017-01-30 21:40:18 +01:00
Parnell Springmeyer
4aa0923009
Getting rid of the var indirection and using a bin path instead 2017-01-29 04:11:01 -06:00
Parnell Springmeyer
e92b8402b0
Addressing PR feedback 2017-01-28 20:48:03 -08:00
Parnell Springmeyer
a26a796d5c
Merging against master - updating smokingpig, rebase was going to be messy 2017-01-26 02:00:04 -08:00
Parnell Springmeyer
bae00e8aa8
setcap-wrapper: Merging with upstream master and resolving conflicts 2017-01-25 11:08:05 -08:00
Franz Pletz
c9d5e5b34b
gitlab: 8.15.4 -> 8.16.1 2017-01-24 21:29:06 +01:00
Jörg Thalheim
dd91891bd9
gitlab: use gemdir 2017-01-18 00:52:52 +01:00
Franz Pletz
6e079bdd60
gitlab: 8.13.5 -> 8.15.4 2017-01-15 17:27:28 +01:00
Franz Pletz
b15409d6f6
gitlab: 8.12.8 -> 8.13.5 2016-11-10 06:23:58 +01:00
Franz Pletz
a7d35fdff3
gitlab: 8.12.6 -> 8.12.8, fix CVE-2016-9086
https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/
2016-11-03 20:18:05 +01:00
Franz Pletz
9df6c89a6e
gitlab: 8.12.1 -> 8.12.6 2016-10-14 17:34:29 +02:00
Franz Pletz
77779323c5
gitlab: 8.11.2 -> 8.12.1 2016-09-27 18:41:02 +02:00
Parnell Springmeyer
98c058a1ee Adapting everything for the merged permissions wrappers work. 2016-09-01 19:21:06 -05:00
Franz Pletz
d70f83e7e9
gitlab: 8.10.6 -> 8.11.2 2016-08-26 15:03:19 +02:00
Franz Pletz
131bc22b84 gitlab service: add option for db_key_base secret 2016-08-17 13:17:47 +02:00
Franz Pletz
b070a9c439 gitlab: 8.10.3 -> 8.10.6 2016-08-17 05:36:24 +02:00
Franz Pletz
c39b6025d8 gitlab: 8.5.12 -> 8.10.3, update module
Fixes #14795.
2016-08-04 02:29:44 +02:00
Franz Pletz
2acea21155 gitlab: 8.5.7 -> 8.5.12 2016-05-04 01:24:55 +02:00
zimbatm
64fe2b5eb6 gitlab: remove unused parameter 2016-03-19 22:04:12 +00:00
Franz Pletz
1cd99b1a48 gitlab: 8.5.5 -> 8.5.7 2016-03-17 03:39:16 +01:00
Philipp Volguine
a2424fffd3 Gitlab package version 8.5.1 -> 8.5.5
-had to bump the versions on a few gem dependencies
2016-03-13 21:05:11 +00:00
Franz Pletz
c2412bd700 fixup! gitlab: 8.0.5 -> 8.5.0, service improvements
8.5.0 -> 8.5.1
2016-02-26 08:31:21 +01:00
Franz Pletz
bcfa59bf82 gitlab: 8.0.5 -> 8.5.0, service improvements
Updates gitlab to the current stable version and fixes a lot of features that
were broken, at least with the current version and our configuration.

Quite a lot of sweat and tears has gone into testing nearly all features and
reading/patching the Gitlab source as we're about to deploy gitlab for our
whole company.

Things to note:

 * The gitlab config is now written as a nix attribute set and will be
   converted to JSON. Gitlab uses YAML but JSON is a subset of YAML.
   The `extraConfig` opition is also an attribute set that will be merged
   with the default config. This way *all* Gitlab options are supported.

 * Some paths like uploads and configs are hardcoded in rails  (at least
   after my study of the Gitlab source). This is why they are linked from
   the Gitlab root to /run/gitlab and then linked to the  configurable
   `statePath`.

 * Backup & restore should work out of the box from another Gitlab instance.

 * gitlab-git-http-server has been replaced by gitlab-workhorse upstream.
   Push & pull over HTTPS works perfectly. Communication to gitlab is done
   over unix sockets. An HTTP server is required to proxy requests to
   gitlab-workhorse over another unix socket at
   `/run/gitlab/gitlab-workhorse.socket`.

 * The user & group running gitlab are now configurable. These can even be
   changed for live instances.

 * The initial email address & password of the root user can be configured.

Fixes #8598.
2016-02-26 07:08:31 +01:00
roblabla
b7a4231aa2 gitlab: 7.4.2 -> 8.0.5 2015-12-04 01:14:24 +01:00
William A. Kennington III
dae5b35463 ruby: Fixup libv8 versions 2015-07-08 15:10:50 -07:00
Nikolay Amiantov
c6e0178d40 gitlab: fix checksum 2015-02-18 19:25:13 +03:00
Charles Strahan
6eaa419920 gitlab: fix evaluation 2015-01-25 16:28:18 -05:00
Jaka Hudoklin
90683792aa gitlab: fix i686-linux build and module
It turns out that installing therubytracer, with dependency on old v8, even
when using source libv8 version is problematic.
(see
http://stackoverflow.com/questions/21666379/problems-installing-gitlab-on-odroid-v8-lib-not-available).

But wait, rails does not even need therubytracer, just any kind of javascript
server side execution framework like nodejs. Well just use that, as also
suggested from different internet sources (look link above), it works just
fine.
2014-12-14 02:24:12 +01:00