Gitlab CI v13.2.10 Release Notes
Release Date: 2020-10-01 // over 3 years ago-
๐ Security (14 changes)
- Do not store session id in Redis.
- ๐ Fix permission checks when updating confidentiality and milestone on issues or merge requests.
- Purge unaccepted member invitations older than 90 days.
- โ Adds feature flags plan limits.
- ๐ Prevent SVG XSS via Web IDE.
- Ensure user has no solo owned groups before triggering account deletion.
- ๐ Security fix safe params helper.
- ๐ Do not bypass admin mode when authenticated with deploy token.
- ๐ Fixes release asset link filepath ReDoS.
- Ensure global ID is of Annotation type in GraphQL destroy mutation.
- Validate that membership expiry dates are not in the past.
- Rate limit adding new email and re-sending email confirmation.
- ๐ Fix redaction of confidential Todos.
- โก๏ธ Update GitLab Runner Helm Chart to 0.19.4.