ยซ Changelog History


Gitlab CI v15.3.4 Release Notes

Release Date: 2022-09-29 // 4 months ago

  • ๐Ÿ”’ Security (15 changes)

    • ๐Ÿ”’ [Redact user's private email in group member event webhook](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2794))
    • ๐Ÿ”’ [Redact secrets from WebHookLogs](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2737))
    • ๐Ÿ”’ [Forbid creating a tag using default branch name](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2799))
    • ๐Ÿ”’ [Sanitize Url and check for valid numerical errorId in error tracking](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2785))
    • ๐Ÿ”’ [Add security protection for Github](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2802))
    • ๐Ÿ”’ [Fix leaking emails in WebHookLogs](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2807))
    • ๐Ÿ”’ [Restrict max duration to 1 year for trace display](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2815))
    • ๐Ÿ”’ [Use UntrustedRegexp for upload rewriter](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2791))
    • ๐Ÿ”’ [Validate httpUrlToRepo to be http or https only](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2760))
    • ๐Ÿ”’ [Respect instance level rule for editing approval rules](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2782))
    • ๐Ÿ”’ [Prevent users creating issues in ay project via board/issues controller](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2780))
    • ๐Ÿ”’ [Prevent serialization of sensible attributes from JsonCache](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2771))
    • โšก๏ธ [Update TodoPolicy to handle confidential notes](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2748))
    • ๐Ÿ”’ [Enforce group IP restriction on Dependency Proxy](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2764))
    • ๐Ÿ”’ [Fixes XSS in widget extensions](gitlab-org/security/[email protected]) ([merge request](gitlab-org/security/gitlab!2759))