delta/gitlab/gitlab-shell.git, branch stricter-exec_cmd gitlab.com: gitlab-org/gitlab-shell.git Add comment about untrusted origin_cmd 2015-11-26T16:33:08+00:00 Jacob Vosmaer contact@jacobvosmaer.nl 2015-11-26T16:33:08+00:00 9d12fa78d8eb10235dbd287478a3c861dc5a7a25 






Add spec for stricter exec_cmd checks
2015-11-25T17:00:17+00:00

Jacob Vosmaer
contact@jacobvosmaer.nl

2015-11-25T17:00:17+00:00

ca66ab5191510aac5c71f3ab7ad3172d1cf3b67a












Limit availability of SSH_ORIGINAL_COMMAND
2015-11-25T16:53:31+00:00

Jacob Vosmaer
contact@jacobvosmaer.nl

2015-11-25T16:53:31+00:00

712daa411a2ab3d0add9d9e4a5b36ca81b53f674

Hoping this makes it more obvious when code touches the very
unsafe contents of this variable.





Hoping this makes it more obvious when code touches the very
unsafe contents of this variable.







Disallow execing strings
2015-11-25T16:40:01+00:00

Jacob Vosmaer
contact@jacobvosmaer.nl

2015-11-25T16:39:23+00:00

c4ea06e5e40c2108ed0ee79befc71790f2fc08b4

Passing strings to Kernel::exec leads to remote code execution.





Passing strings to Kernel::exec leads to remote code execution.







Merge branch 'revert-lfs-authenticate' into 'master'

2015-11-25T12:06:23+00:00

Dmitriy Zaporozhets
dzaporozhets@gitlab.com

2015-11-25T12:06:23+00:00

1a75d086b53d799ac10f77acfb198f2c5ea95621


Revert "Run git-lfs-authenticate script with original command line arguments"

This reverts commit 8449979ff029af51be0c675c5b6262bc4adc8b3d.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Related to: #35, gitlab/gitlabhq#2635

See merge request !68





Revert "Run git-lfs-authenticate script with original command line arguments"

This reverts commit 8449979ff029af51be0c675c5b6262bc4adc8b3d.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Related to: #35, gitlab/gitlabhq#2635

See merge request !68






Bump version to 2.6.8
2015-11-25T12:05:27+00:00

Dmitriy Zaporozhets
dmitriy.zaporozhets@gmail.com

2015-11-25T12:05:27+00:00

d951ded1beae99bc5fb66455178a08da72dc08a5

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>





Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>







Return changelog item for 2.6.6
2015-11-25T11:57:07+00:00

Dmitriy Zaporozhets
dmitriy.zaporozhets@gmail.com

2015-11-25T11:57:07+00:00

f431279fab76c4d245a13fd0cd473a7152b7b76f

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>





Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>







Revert "Run git-lfs-authenticate script with original command line arguments"
2015-11-25T11:55:05+00:00

Dmitriy Zaporozhets
dmitriy.zaporozhets@gmail.com

2015-11-25T11:55:05+00:00

dacb8ec07645f254c3a2cf7d6f1d6c26b4f33dce

This reverts commit 8449979ff029af51be0c675c5b6262bc4adc8b3d.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>





This reverts commit 8449979ff029af51be0c675c5b6262bc4adc8b3d.

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>







Bump version to 2.6.7
2015-11-18T11:07:26+00:00

Douwe Maan
douwe@gitlab.com

2015-11-18T11:07:26+00:00

827a11c26c8b2ffa6c2af15a626762141f54784a












Merge branch 'mirror-repository' into 'master'

2015-11-17T15:48:53+00:00

Robert Speicher
robert@gitlab.com

2015-11-17T15:48:53+00:00

08f94e6cca568243a3764b8f79d6441d1b5fe456


Add fetch-remote command for repo mirroring

Also exits `import-repository` with non-zero status when import fails.

See merge request !29





Add fetch-remote command for repo mirroring

Also exits `import-repository` with non-zero status when import fails.

See merge request !29