GitLab CE - 16.9.6
Security
(2024-04-24)
Security (5 changes)
- Validation for encoded formatting characters (merge request)
- Forbid untrusted sign-ins to GitLab with Bitbucket and fix related uid (merge request)
- Ensure PAT scope is validated everywhere for GraphQL/ActionCable (merge request)
- Protect against ReDoS in FileFinder with wildcard filters (merge request)
- fix: Validate security report version against schema during parsing (merge request)
Security
Security wording was detected, but no CVEs were found.
Details
date
April 24, 2024, midnight
name
16.9.6
type
Patch
👇
Register or login to:
- 🔍View and search all GitLab CE releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!