Merge branch 'security_fixes' into 'master'
[security] gems update
[doorkeeper] added filtering of sensitive information (like secret key) from production.log
[gollum lib] remote code execution (in search field). We don't have search for wiki but it is better to have this fix.
Nothing critical!!!
related to #2143
See merge request !1732
Showing
... | ... | @@ -31,7 +31,7 @@ gem 'omniauth-shibboleth' |
gem 'omniauth-kerberos' | ||
gem 'omniauth-gitlab' | ||
gem 'omniauth-bitbucket' | ||
gem 'doorkeeper', '2.1.0' | ||
gem 'doorkeeper', '2.1.3' | ||
gem "rack-oauth2", "~> 1.0.5" | ||
# Browser detection | ||
... | ... | @@ -48,7 +48,7 @@ gem 'gitlab-grack', '~> 2.0.0.rc2', require: 'grack' |
gem 'gitlab_omniauth-ldap', '1.2.1', require: "omniauth-ldap" | ||
# Git Wiki | ||
gem 'gollum-lib', '~> 4.0.0' | ||
gem 'gollum-lib', '~> 4.0.2' | ||
# Language detection | ||
gem "gitlab-linguist", "~> 3.0.1", require: "linguist" | ||
... | ... |
Please
register
or
sign in
to comment