ยซ Changelog History


Gitlab CI v13.3.9 Release Notes

Release Date: 2020-11-02 // over 3 years ago

  • ๐Ÿ”’ Security (9 changes)

    • โž• Add CSRF protection to runner pause and resume. !1021
    • Do not expose Terraform state record in API.
    • Path traversal to RCE via LFS upload.
    • Update container_repository_name_regex to prevent catastrophic backtracking.
    • ๐Ÿ“ฆ Validate nuget package names.
    • Prevent private repo from being accessed via internal Kubernetes API.
    • Validate each upload param key in multipart.rb.
    • ๐Ÿ›  Fix XSS vulnerability for job build dependencies.
    • ๐Ÿ›  Fix unauthorized user is able to access schedule pipeline variables and values.