Master security update
What does this MR do?
Bring the security updates from the 9.2.5 release into master.
I have cherry-picked what I could from the release, and for the MRs that did not apply cleanly, and had a bunch unrelated commits, I merged https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11993 in order to cleanly get there changes.
Are there points in the code the reviewer needs to double check?
Why was this MR needed?
Screenshots (if relevant)
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Branch has no merge conflicts with master
(if it does - rebase it please) -
Squashed related commits together