2425.0.0 release

Activity

  • Ruben Backx, this merge request has policy violations and errors. To unblock this merge request, fix these items:

    • Resolve all violations in the following merge request approval policies: Security check. If you think these items shouldn't be violations, ask eligible approvers of each policy to approve this merge request.

    :warning: Violations blocking this merge request


    This merge request introduces these violations:

    1. High · Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation. · build.gradle.kts (Dependency scanning)
    2. Critical · Apache Tomcat: Potential RCE and/or information disclosure and/or information corruption with partial PUT · build.gradle.kts (Dependency scanning)
    3. High · Deserialization of Untrusted Data · build.gradle.kts (Dependency scanning)
    4. Critical · Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability · build.gradle.kts (Dependency scanning)
    5. High · SslHandler doesn't correctly validate packets which can lead to native crash when using native SSLEngine · build.gradle.kts (Dependency scanning)
    6. High · Apache Tomcat - DoS in multipart upload · build.gradle.kts (Dependency scanning)
    7. High · Bouncy Castle crafted signature and public key can be used to trigger an infinite loop · build.gradle.kts (Dependency scanning)
    8. High · Bouncy Castle Java Cryptography API vulnerable to DNS poisoning · build.gradle.kts (Dependency scanning)
    9. High · Apache Commons Improper Access Control vulnerability · build.gradle.kts (Dependency scanning)
    10. High · jose4j uses weak cryptographic algorithm · build.gradle.kts (Dependency scanning)

    More violations have been detected in addition to the list above.

    :information_source: Comparison pipelines

    Edited by GitLab Security Bot
  • Ruben Backx added 2 commits

    • b2ce24a3 - [ConsecutiveQueueSlots] Fixed being able to take untakeable slots
    • 928514e4 - Merge branch...

  • Ruben Backx added 1 commit

  • Ruben Backx approved this merge request

  • Ruben Backx enabled automatic add to merge train when checks pass

  • Ruben Backx removed this merge request from the merge train because The pipeline did not run. Review the workflow:rules configuration for the pipeline.

  • Ruben Backx removed this merge request from the merge train because The pipeline did not run. Review the workflow:rules configuration for the pipeline.

  • Ruben Backx removed this merge request from the merge train because The pipeline did not run. Review the workflow:rules configuration for the pipeline.

  • Ruben Backx mentioned in commit 6ea69963

  • merged
