GitLab CE - 16.2.8
Security
(2023-09-28)
Security (16 changes)
- Mark any CI builds that are not complete as canceled when imported (merge request)
- Destroy group service accounts when removing group (merge request)
- Fix SSO Enforcement for shared groups and projects (merge request)
- Prevents Ci::Build data from being rendered (merge request)
- Update dependency auto-deploy-image to v2.55.0 (merge request)
- Allow only one membership for security policy bots (merge request)
- Reset all approvals when target branch changes (merge request)
- Default to using the asset proxy (merge request)
- Restrict Project Fork Linking to Owners and Admins (merge request)
- Prevent math hijacking page elements (merge request)
- Delete of member branch protection rules cascadingly (merge request)
- Prevent collaboration across forks when author cannot push (merge request)
- Allow Maintainer+ to list Sentry projects (merge request)
- Fix leaking source code of restricted project through a fork (merge request)
- Prevent leaking CI variables via fork MRs (merge request)
- Pipelines will have no access to protected vars and may fail with tags (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
Sept. 28, 2023, midnight
name
16.2.8
type
Patch
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!