commit 9c6ed890dd721d1c623f422d7a6e7fb6746a9967
Author: Elan Ruusamäe <[email protected]>
Date: Thu Apr 6 22:57:11 2017 +0300
8.17.5 (2017-04-05); SECURITY
- Don't show source project name when user does not have access.
- Remove the class attribute from the whitelist for HTML generated from
Markdown.
- Fix path disclosure in project import/export.
- Fix for open redirect vulnerability using continue[to] in URL when
requesting project import status.
- Fix for open redirect vulnerabilities in todos, issues, and MR
controllers.
gitlab-ce.spec | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
---
diff --git a/gitlab-ce.spec b/gitlab-ce.spec
index 8c602b7..c3615a8 100644
--- a/gitlab-ce.spec
+++ b/gitlab-ce.spec
@@ -18,7 +18,7 @@
%define workhorse_version 1.3.0
Summary: A Web interface to create projects and repositories, manage
access and do code reviews
Name: gitlab-ce
-Version: 8.17.4
+Version: 8.17.5
Release: 0.82
License: MIT
Group: Applications/WWW
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/gitlab-ce.git/commitdiff/9c6ed890dd721d1c623f422d7a6e7fb6746a9967
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
