GitLab 6.2
v 6.2.4
- Security: Cast API private_token to string (CVE-2013-4580)
- Security: Require gitlab-shell 1.7.8 (CVE-2013-4581, CVE-2013-4582, CVE-2013-4583)
- Fix for Git SSH access for LDAP users
v 6.2.3
- Security: More protection against CVE-2013-4489
- Security: Require gitlab-shell 1.7.4 (CVE-2013-4490, CVE-2013-4546)
- Fix sidekiq rake tasks
v 6.2.2
- Security: Update gitlab_git (CVE-2013-4489)
v 6.2.1
- Security: Fix issue with generated passwords for new users
v 6.2.0
- Public project pages are now visible to everyone (files, issues, wiki, etc.)
THIS MEANS YOUR ISSUES AND WIKI FOR PUBLIC PROJECTS ARE PUBLICLY VISIBLE AFTER THE UPGRADE
- Add group access to permissions page
- Require current password to change one
- Group owner or admin can remove other group owners
- Remove group transfer since we have multiple owners
- Respect authorization in Repository API
- Improve UI for Project#files page
- Add more security specs
- Added search for projects by name to api (Izaak Alpert)
- Make default user theme configurable (Izaak Alpert)
- Update logic for validates_merge_request for tree of MR (Andrew Kumanyaev)
- Rake tasks for web hooks management (Jonhnny Weslley)
- Extended User API to expose admin and can_create_group for user creation/updating (Boyan Tabakov)
- API: Remove group
- API: Remove project
- Avatar upload on profile page with a maximum of 100KB (Steven Thonus)
- Store the sessions in Redis instead of the cookie store
- Fixed relative links in markdown
- User must confirm his email if signup enabled
- User must confirm changed email
Upgrade Steps
0. Backup
It's useful to make a backup just in case things go south: (With MySQL, this may require granting "LOCK TABLES" privileges to the GitLab user on the database version)
cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:backup:create RAILS_ENV=production
1. Stop Server
sudo service gitlab stop
2. Get the latest code
cd /home/git/gitlab
sudo -u git -H git fetch
sudo -u git -H git checkout 6-2-stable # Latest version of 6-2-stable addresses CVE-2013-4489
3. Update gitlab-shell
cd /home/git/gitlab-shell
sudo -u git -H git fetch
sudo -u git -H git checkout v1.7.9 # Addresses multiple critical security vulnerabilities
4. Install additional packages
# Add support for logrotate for better log file handling
sudo apt-get install logrotate
5. Install libs, migration etc
cd /home/git/gitlab
# MySQL
sudo -u git -H bundle install --without development test postgres --deployment
# PostgreSQL
sudo -u git -H bundle install --without development test mysql --deployment
sudo -u git -H bundle exec rake db:migrate RAILS_ENV=production
sudo -u git -H bundle exec rake assets:clean RAILS_ENV=production
sudo -u git -H bundle exec rake assets:precompile RAILS_ENV=production
sudo -u git -H bundle exec rake cache:clear RAILS_ENV=production
6. Update config files
Tip: to see what changed in gitlab.yml.example in this release, use the following command:
git diff 6-1-stable:config/gitlab.yml.example 6-2-stable:config/gitlab.yml.example
Make /home/git/gitlab/config/gitlab.yml the same as https://github.com/gitlabhq/gitlabhq/blob/6-2-stable/config/gitlab.yml.example but with your settings.
Make /home/git/gitlab/config/unicorn.rb the same as https://github.com/gitlabhq/gitlabhq/blob/6-2-stable/config/unicorn.rb.example but with your settings.
Copy rack attack middleware config
sudo -u git -H cp config/initializers/rack_attack.rb.example config/initializers/rack_attack.rb
Uncomment config.middleware.use Rack::Attack in /home/git/gitlab/config/application.rb
Set up logrotate
sudo cp lib/support/logrotate/gitlab /etc/logrotate.d/gitlab
7. Update Init script
# Backup the old init script
sudo cp /etc/init.d/gitlab{,.old}
sudo rm /etc/init.d/gitlab
# Download the new init script
# sudo curl --output /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlabhq/6-2-stable/lib/support/init.d/gitlab
# OR (--no-check-certificate skips TLS certificate verification; omit it where the system CA bundle validates the host)
sudo wget --no-check-certificate -O /etc/init.d/gitlab https://raw.github.com/gitlabhq/gitlabhq/6-2-stable/lib/support/init.d/gitlab
sudo chmod +x /etc/init.d/gitlab
8. Start application
sudo service gitlab start
sudo service nginx restart
9. Check Application Status
Check if GitLab and its environment are configured correctly
cd /home/git/gitlab
sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production
To make sure you didn't miss anything run a more thorough check with
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production
If all items are green, then congratulations, the upgrade is complete!
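
A post-upgrade check for the two security-relevant steps of this procedure (the gitlab-shell version from step 3 and Rack::Attack from step 6), as an added example that is not part of GitLab or the original guide. It assumes gitlab-shell records its version in a VERSION file at the repository root; the function names and the --run flag are hypothetical.

```shell
#!/bin/sh
# Added example: post-upgrade checks for the security-relevant steps of this
# guide. Not part of GitLab; paths and the VERSION file are assumptions.

MIN_SHELL=1.7.8   # minimum gitlab-shell named in the v6.2.4 changelog entry

# version_ge A B: true when dotted version A >= B (numeric fields only).
version_ge() {
    a=${1#v}; b=${2#v}
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# rack_attack_enabled GITLAB_DIR: true when the initializer was copied and
# the middleware line in config/application.rb is no longer commented out.
rack_attack_enabled() {
    [ -f "$1/config/initializers/rack_attack.rb" ] &&
    grep -Eq '^[[:space:]]*config\.middleware\.use[[:space:]]+Rack::Attack' \
        "$1/config/application.rb"
}

# check_upgrade GITLAB_DIR SHELL_DIR: print one line per check and return
# the number of failed checks (0 means all passed).
check_upgrade() {
    failed=0
    ver=$(cat "$2/VERSION" 2>/dev/null || echo 0)
    if version_ge "$ver" "$MIN_SHELL"; then
        echo "ok:   gitlab-shell $ver >= $MIN_SHELL"
    else
        echo "FAIL: gitlab-shell $ver < $MIN_SHELL"; failed=$((failed + 1))
    fi
    if rack_attack_enabled "$1"; then
        echo "ok:   Rack::Attack initializer present and middleware enabled"
    else
        echo "FAIL: Rack::Attack not enabled"; failed=$((failed + 1))
    fi
    return "$failed"
}

# Run against the guide's default paths only when asked: sh check.sh --run
if [ "${1:-}" = "--run" ]; then
    check_upgrade /home/git/gitlab /home/git/gitlab-shell
fi
```

The version comparison is numeric per field, so a later release such as 1.10.0 is correctly treated as newer than 1.7.8, which a plain string comparison would get wrong.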