Gitlab CI v15.3.2 Release Notes

Release Date: 2022-08-30 // 3 months ago
  • ๐Ÿ”’ Security (17 changes)

    • ๐Ÿ”’ [No overriding methods for Sawyer class](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2754))
    • โšก๏ธ [Update Oj to v3.13.21](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2730))
    • ๐Ÿ”’ [Prevent long loops when generating suggested branch name](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2743))
    • ๐Ÿ”’ [IDOR in Zentao integration issue show page](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2740))
    • ๐Ÿ”’ [Patch VULNDB-255039 (potential Rack cache poisoning)](gitlab-org/security/gitl[email protected]) ([merge request](gitlab-org/security/gitlab!2697))
    • ๐Ÿ”’ [HTML escape the label background color](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2719))
    • ๐Ÿ”’ [Sandbox jupyter notebook HTML output](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2710))
    • ๐Ÿ”’ [Fix unauthorized GFM references in Incident Timeline](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2707))
    • โšก๏ธ [Optimize handling repositories with huge trees](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2706))
    • ๐Ÿ”’ [Parse commit trailers without using regexp](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2699))
    • ๐Ÿ”’ [Check for pathological markdown input](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2733))
    • ๐Ÿ”’ [Replaced smooshpack to fix the vulnerability in LivePreview](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2739))
    • โšก๏ธ [Update package auth for group IP allowlist](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2686))
    • ๐Ÿ”’ [Don't show pipeline status](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2712))
    • ๐Ÿ”’ [Sanitize img attributes in Banzai::Filter::ImageLinkFilter](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2722))
    • ๐Ÿ”’ [Validate description length for snippets](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2702))
    • ๐Ÿ”’ [Prevent brute force vuln for Git over HTTP(S) requests](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2716))