gitlab-org--gitlab-foss/changelogs/unreleased/security-61974-limit-issue-comment-size.yml
Alexandru Croitor 5af535d919 Limit the size of issuable description and comments
Limiting the size of issuable description and comments to 1_000_000,
which is close to ~1MB of ASCII characters, which represents 99.9% of
all descriptions and comments we have in DB at the moment. This should
help prevent DoS attacks when comments contain refference strings.

Also this change updates regexp matching the namespaces paths by
limiting the namespaces paths to Namespace::NUMBER_OF_ANCESTORS_ALLOWED,
as we allow 20 levels deep groups.

see https://gitlab.com/gitlab-org/gitlab-ce/issues/61974#note_191274234
2019-08-22 10:43:13 +03:00

5 lines
101 B
YAML

---
title: Limit the size of issuable description and comments
merge_request:
author:
type: security