| ... | ... | @@ -4,16 +4,19 @@ entry. |
|
|
|
|
|
|
|
## 12.5.1
|
|
|
|
|
|
|
|
### Security (8 changes)
|
|
|
|
### Security (11 changes)
|
|
|
|
|
|
|
|
- Check permissions before showing a forked project's source.
|
|
|
|
- Do not create todos for approvers without access. !1442
|
|
|
|
- Hide commit counts from guest users in Cycle Analytics.
|
|
|
|
- Encrypt application setting tokens.
|
|
|
|
- Update Workhorse and Gitaly to fix a security issue.
|
|
|
|
- Hide commit counts from guest users in Cycle Analytics.
|
|
|
|
- Add maven file_name regex validation on incoming files.
|
|
|
|
- Check permissions before showing a forked project's source.
|
|
|
|
- Limit potential for DNS rebind SSRF in chat notifications.
|
|
|
|
- Ensure are cleaned by ImportExport::AttributeCleaner.
|
|
|
|
- Remove notes regarding Related Branches from Issue activity feeds for guest users.
|
|
|
|
- Escape namespace in label references to prevent XSS.
|
|
|
|
- Add authorization to using filter vulnerable in Dependency List.
|
|
|
|
|
|
|
|
|
|
|
|
## 12.5.0
|
| ... | ... | |
| ... | ... | |