All Versions
662
Latest Version
Avg Release Cycle
13 days
Latest Release
1847 days ago

Changelog History
Page 24

  • v13.0.10 Changes

    July 09, 2020

    ๐Ÿ›  Fixed (1 change)

    • ๐Ÿ›  Fix gitlab:*:check Rake tasks. !35944

  • v13.0.9 Changes

    July 06, 2020
    • No changes.

  • v13.0.8 Changes

    July 01, 2020

    ๐Ÿ”’ Security (18 changes)

    • โšก๏ธ Update xterm js dependency to latest stable 3.x version.
    • Do not show activity for users with private profiles.
    • ๐Ÿ›  Fix stored XSS in markdown renderer.
    • โฌ†๏ธ Upgrade swagger-ui to solve XSS issues.
    • ๐Ÿ›  Fix group deploy token API authorizations.
    • ๐Ÿ”€ Check access when sending TODOs related to merge requests.
    • ๐Ÿ”„ Change from hybrid to JSON cookies serializer.
    • Prevent XSS in group name validations.
    • Disable caching for wiki attachments.
    • Disable Github Importer API by settings.
    • ๐Ÿ›  Fix null byte error in upload path.
    • โšก๏ธ Update permissions for time tracking endpoints.
    • โž• Add snippet repository validation after bundle import.
    • โšก๏ธ Update Kaminari gem.
    • ๐Ÿ›  Fix note author name rendering.
    • Sanitize bitbucket repo urls to mitigate XSS.
    • Stored XSS on the Error Tracking page.
    • ๐Ÿ›  Fix security issue when rendering issuable.

  • v13.0.7 Changes

    June 25, 2020

    ๐Ÿ›  Fixed (7 changes)

    • Group authorization refresh to consider shared groups. !31204
    • ๐Ÿ›  Fix Value Stream Analytics summary when using non-english locale. !33717
    • ๐Ÿ›  Fix bug with variable substitution in alerts. !33772
    • Fix relative URL root in wiki_base_path. !33841
    • ๐Ÿ‘ท Adjust wrong column reference for ResetMergeStatus (background job). !33899
    • โšก๏ธ Updated Auto DevOps with a fix to delete PostgreSQL PVC on environment cleanup. !34657
    • ๐ŸŒฒ Load user before logging git http-requests. !34923

    โž• Added (2 changes)

    • Provide __range variable for Prometheus queries. !33521
    • Periodically recompute project authorizations. !34071

  • v13.0.6 Changes

    June 10, 2020
    • No changes.

  • v13.0.5

    June 04, 2020

  • v13.0.4 Changes

    June 03, 2020

    ๐Ÿ”’ Security (1 change)

    • Prevent fetching repository code with unauthorized ci token.

  • v13.0.3 Changes

    May 29, 2020

    ๐Ÿ›  Fixed (8 changes, 1 of them is from the community)

    • ๐Ÿ›  Fixed redirection to project snippets. !32530
    • ๐Ÿ›  Fix Geo replication for design thumbnails. !32703
    • ๐Ÿ›  Fix 404s downloading build artifacts. !32741
    • ๐Ÿ›  Fix Auto DevOps manual rollout jobs not being allowed to fail. !32865
    • โšก๏ธ Update deprecated routes in irker integration. !32923 (Marc Jeanmougin)
    • ๐Ÿ”„ Change format of variables parameter in Prometheus proxy API for metrics dashboard. !33062
    • ๐Ÿ›  Fix issue and MR API performance regression when Markdown cache is stale. !33235
    • ๐Ÿ›  Fix close issue when user created the issue. !33294

  • v13.0.2

    May 28, 2020

  • v13.0.1 Changes

    May 27, 2020

    ๐Ÿ”’ Security (12 changes)

    • โž• Add an extra validation to Static Site Editor payload.
    • Hide EKS secret key in admin integrations settings.
    • โž• Added data integrity check before updating a deploy key.
    • Display only verified emails on notifications and profile page.
    • Require confirmed email address for GitLab OAuth authentication.
    • Kubernetes cluster details page no longer exposes Service Token.
    • ๐Ÿ›  Fix confirming unverified emails with soft email confirmation flow enabled.
    • Disallow user to control PUT request using mermaid markdown in issue description.
    • Check forked project permissions before allowing fork.
    • ๐Ÿ“‡ Limit memory footprint of a command that generates ZIP artifacts metadata.
    • ๐Ÿ›  Fix file enuming using Group Import.
    • Prevent XSS in the monitoring dashboard.