All Versions
662
Latest Version
Avg Release Cycle
13 days
Latest Release
1440 days ago
Changelog History
Page 38
Changelog History
Page 38
-
v12.1.14 Changes
October 07, 2019🔒 Security (1 change)
- Limit search for IID to a type to avoid leaking records with the same IID that the user does not have access to.
-
v12.1.13
October 01, 2019 -
v12.1.12 Changes
September 26, 2019🔒 Security (12 changes)
- ➕ Add a policy check for system notes that may not be visible due to cross references to private items.
- 👀 Display only participants that user has permission to see on milestone page.
- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
- 🔀 Check permissions before showing head pipeline blocking merge requests.
- 🛠 Fix new project path being disclosed through unsubscribe link of issue/merge requests.
- Prevent bypassing email verification using Salesforce.
- Do not show resource label events referencing not accessible labels.
- 👷 Cancel all running CI jobs triggered by the user who is just blocked.
- 🛠 Fix Gitaly SearchBlobs flag RPC injection.
- 🛠 Only render fixed number of mermaid blocks.
- 🔧 Prevent GitLab accounts takeover if SAML is configured.
- ⬆️ Upgrade mermaid to prevent XSS.
-
v12.1.11
September 19, 2019 -
v12.1.10 Changes
September 19, 2019- No changes.
-
v12.1.9
September 10, 2019 -
v12.1.8
August 28, 2019 -
v12.1.6
August 12, 2019 -
v12.1.5 Changes
🔒 Security (2 changes)
- ⬆️ Upgrade Gitaly to 1.53.2 to prevent revision flag injection exploits.
- ⬆️ Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie.
-
v12.1.4 Changes
August 05, 2019🛠 Fixed (3 changes, 1 of them is from the community)
- Properly translate term in projects list. !30958
- ➕ Add exclusive lease to mergeability check process. !31082
- Fix Docker in Docker (DIND) listen port behavior change by adding DOCKER_TLS_CERTDIR in CI job templates. !31201 (Cameron Boulton)
🐎 Performance (1 change)
- 👌 Improve job log rendering performance. !31262