GitLab v13.0.1 Release Notes
Release Date: 2020-05-27 // almost 4 years ago-
๐ Security (12 changes)
- โ Add an extra validation to Static Site Editor payload.
- Hide EKS secret key in admin integrations settings.
- โ Added data integrity check before updating a deploy key.
- Display only verified emails on notifications and profile page.
- Require confirmed email address for GitLab OAuth authentication.
- Kubernetes cluster details page no longer exposes Service Token.
- ๐ Fix confirming unverified emails with soft email confirmation flow enabled.
- Disallow user to control PUT request using mermaid markdown in issue description.
- Check forked project permissions before allowing fork.
- ๐ Limit memory footprint of a command that generates ZIP artifacts metadata.
- ๐ Fix file enuming using Group Import.
- Prevent XSS in the monitoring dashboard.