Gitlab CI v13.0.8 Release Notes
Release Date: 2020-07-01 // almost 4 years ago-
๐ Security (18 changes)
- โก๏ธ Update xterm js dependency to latest stable 3.x version.
- Do not show activity for users with private profiles.
- ๐ Fix stored XSS in markdown renderer.
- โฌ๏ธ Upgrade swagger-ui to solve XSS issues.
- ๐ Fix group deploy token API authorizations.
- ๐ Check access when sending TODOs related to merge requests.
- ๐ Change from hybrid to JSON cookies serializer.
- Prevent XSS in group name validations.
- Disable caching for wiki attachments.
- Disable Github Importer API by settings.
- ๐ Fix null byte error in upload path.
- โก๏ธ Update permissions for time tracking endpoints.
- โ Add snippet repository validation after bundle import.
- โก๏ธ Update Kaminari gem.
- ๐ Fix note author name rendering.
- Sanitize bitbucket repo urls to mitigate XSS.
- Stored XSS on the Error Tracking page.
- ๐ Fix security issue when rendering issuable.