Gitlab CI v14.10.5

« Changelog History

Gitlab CI v14.10.5 Release Notes

• 🔒 Security (17 changes)

  • 🔒 [Fix group IP restrictions not enforced for container registry requests](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2552))
  • ⚡️ [Update rack gem to version 2.2.3.1](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2554))
  • 🔒 [Gitlab Runner version upgrade](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2567))
  • ⚡️ [Update ProjectAttributesTransformer to use fixed number of attributes](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2549))
  • 🚀 [Escape deploy key title to prevent XSS](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2494))
  • 🔒 [Sanitize ZenTao breadcrumb links](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2557))
  • 🔒 [Fix permissions in the project labels API](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2534))
  • 🔒 [Security fix sentry issue leaks and access level check](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2501))
  • 🔒 [Check permissions before exposing user two factor enabled](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2525))
  • 🚀 [Filter milestone release by user access](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2537))
  • 🔒 [Fix the required access level in the Conan packages finder](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2485))
  • 🔒 [Allow inviting only groups with subset of allowed domains to groups](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2512))
  • 🔒 [Fix open redirect vulnerability](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2540))
  • 🔒 [Adds a filter based on user access to Runner jobs endpoint](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2497))
  • 🔒 [Prevent runners from picking IP restricted jobs](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2503))
  • 🔒 [Restrict CI lint access to pipeline creators](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2515))
  • 🔒 [Catch endless headers when reading HTTP responses](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2529))

• All Versions
• Previous v14.10.4
• Next v15.0.0
• Latest Version