Gitlab -- Multiple Vulnerabilities

Gitlab reports:

Arbitrary File Read when Moving an Issue
Memory Exhaustion via Excessive Logging of Invite Email Error
Denial of Service Through Project Import Feature
User Controlled Git Configuration Settings Resulting in SSRF
Stored XSS in Issue Reference Number Tooltip
Stored XSS in Issues List via Milestone Title
Improper Access Control After Group Transfer
Bypass Email Verification Required for OAuth Flow
Confusion When Using Hexadecimal Branch Names
Insufficient OAuth Revocation
Improper Access Control for Project Sharing
Stored XSS in Jobs Page
Improper Access Control of Applications Page
SSRF into Shared Runner
Update Kramdown Gem