All Versions
662
Latest Version
Avg Release Cycle
13 days
Latest Release
1439 days ago
Changelog History
Page 38
Changelog History
Page 38
-
v12.1.14 Changes
October 07, 2019๐ Security (1 change)
- Limit search for IID to a type to avoid leaking records with the same IID that the user does not have access to.
-
v12.1.13
October 01, 2019 -
v12.1.12 Changes
September 26, 2019๐ Security (12 changes)
- โ Add a policy check for system notes that may not be visible due to cross references to private items.
- ๐ Display only participants that user has permission to see on milestone page.
- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
- ๐ Check permissions before showing head pipeline blocking merge requests.
- ๐ Fix new project path being disclosed through unsubscribe link of issue/merge requests.
- Prevent bypassing email verification using Salesforce.
- Do not show resource label events referencing not accessible labels.
- ๐ท Cancel all running CI jobs triggered by the user who is just blocked.
- ๐ Fix Gitaly SearchBlobs flag RPC injection.
- ๐ Only render fixed number of mermaid blocks.
- ๐ง Prevent GitLab accounts takeover if SAML is configured.
- โฌ๏ธ Upgrade mermaid to prevent XSS.
-
v12.1.11
September 19, 2019 -
v12.1.10 Changes
September 19, 2019- No changes.
-
v12.1.9
September 10, 2019 -
v12.1.8
August 28, 2019 -
v12.1.6
August 12, 2019 -
v12.1.5 Changes
๐ Security (2 changes)
- โฌ๏ธ Upgrade Gitaly to 1.53.2 to prevent revision flag injection exploits.
- โฌ๏ธ Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie.
-
v12.1.4 Changes
August 05, 2019๐ Fixed (3 changes, 1 of them is from the community)
- Properly translate term in projects list. !30958
- โ Add exclusive lease to mergeability check process. !31082
- Fix Docker in Docker (DIND) listen port behavior change by adding DOCKER_TLS_CERTDIR in CI job templates. !31201 (Cameron Boulton)
๐ Performance (1 change)
- ๐ Improve job log rendering performance. !31262