GitLab CE - 14.8.2
Security
(2022-02-25)
Security (8 changes)
- Limit commands_changes to certain keys (merge request)
- Add runners_token prefix to Group and Project (merge request)
- Anonymous user can enumerate all users through GraphQL endpoint (merge request)
- Check for unsafe characters in email addresses before sending (merge request)
- Warn when snippet contains unretrievable files (merge request)
- Prevent DOS when rendering math markdown (merge request)
- Check permission when creating members through service (merge request)
- Reset password field on page load (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
Feb. 25, 2022, midnight
name
14.8.2
type
Patch
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!