Recently GitLab released new version updates 11.2.3, 11.1.6, and 11.0.6 for GitLab Community Edition (CE) and Enterprise Edition (EE). These versions contain a number of important security fixes, and GitLab recommends that all GitLab installations be upgraded to one of these versions right away.
What’s fixed:
1. Persistent XSS in CI/CD Pipeline Tooltip – Solved
Versions affected: GitLab CE/EE 10.7 and later
2. GitLab.com Zeroconf Endpoints in GCP Issue – Solved
Versions affected: GitLab.com and instances deployed to GCP
3. Persistent XSS in Merge Request Changes View – Solved
Versions affected: GitLab CE/EE 11.1 and 11.2
4. Sensitive Data Disclosure in Sidekiq Logs – Solved
Versions affected: GitLab CE/EE 8.10.0 and later
5. CSRF Vulnerability in System Hooks – Solved
Versions affected: GitLab 2.7.0pre and later
6. Orphaned Project Upload Files – Solved
Versions affected: GitLab CE/EE 8.10.0 and later
7. Repository Storage value change via API – Solved
Versions affected: GitLab EE 8.10 and later
The GitLab 11.2 release came with enhancements to the Web IDE, support for manifest files to import Android projects, and instance-wide custom project templates.
The Web IDE makes it faster and easier to contribute changes to your projects by providing an advanced code editor with commit staging right within your browser. With GitLab 11.2 it’s even easier to see the effect of your code changes and debug even before you commit. You can now preview your JavaScript web app in the Web IDE, viewing your changes in real time, right next to the code for client-side evaluation. In addition, with 11.2, you can delete and rename files and switch branches without ever leaving the Web IDE.
With the new support for XML manifest files, you can now import larger project structures with multiple repositories all together, in bulk, including Android OS code from the Android Open Source Project (AOSP).
With 11.2, GitLab administrators can offer instance-wide custom project templates, allowing users to start new projects quickly by automating repetitive setup tasks.
Interested in GitLab licenses? Contact us to know more.
Siddanth has worked with Zoho/ManageEngine, HackerEarth, and other startups prior to joining Lyra. With over 9+ years of experience, he is in charge of the brand building, generating revenues, marketing Lyra’s services, getting more qualified leads and business for Lyra. He is Hubspot Certified Inbound, Content, and Email marketer and a tech blogger.