GitLab CE - 13.11.6
Security
(2021-07-01)
Added (1 change)
- Added omniauth_user check when verifying user cap (merge request) GitLab Enterprise Edition
Security (15 changes)
- Bump rails gem version to 6.0.3.7 (merge request)
- Update rdoc to 6.3.1 (merge request)
- Prevent GraphQL API access by deactivated users (merge request)
- Add sanitizing for name field (merge request)
- Copy feature visibility settings to a fork (merge request)
- Avoid disclosing project in web IDE (merge request)
- Add new username validation (merge request)
- Allow only same-origin URLs for Edit Release Cancel button (merge request)
- Limit creation of issues based on issue type (merge request)
- Update Nokogiri to 1.11.4 (merge request)
- Fix deploy key fallback issue in protected branch (merge request)
- Fix XSS on audit log for feature flag actions (merge request)
- Sanitize input on pasteGFM (merge request)
- Add total http read timeout (merge request)
- Fix merge request diff display issue with unsupported encoding (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
July 1, 2021, midnight
name
13.11.6
type
Patch
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!