diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-01 16:23:40 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-01 16:23:40 +0000 |
| commit | 44e981b3fb85a561c9d93f6d823d562b27789df4 (patch) | |
| tree | 4d3748f99871b44b64fa4074ff9ecf1eba1ade44 | |
| parent | 099b28ae99587b05e644eafab0e60bd56a19befd (diff) | |
| download | gitlab-ce-44e981b3fb85a561c9d93f6d823d562b27789df4.tar.gz | |
Add latest changes from gitlab-org/security/gitlab@15-9-stable-eev15.9.6
| -rw-r--r-- | CHANGELOG.md | 13 | ||||
| -rw-r--r-- | GITALY_SERVER_VERSION | 2 | ||||
| -rw-r--r-- | GITLAB_PAGES_VERSION | 2 |
3 files changed, 15 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index f8582f91b45..5330484d047 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,19 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 15.9.6 (2023-05-01) + +### Security (8 changes) + +- [Resolve ambiguous references for archive metadata](gitlab-org/security/gitlab@233b0f78baf8eb9adcfd77e4d1aa606d54472d34) ([merge request](gitlab-org/security/gitlab!3203)) +- [Commit trailers now only match public user email addresses](gitlab-org/security/gitlab@e360774721bb9b5f6a2da9908ef08d92ad5a79cd) ([merge request](gitlab-org/security/gitlab!3209)) +- [Handle invalid URLs in asset proxy](gitlab-org/security/gitlab@ee6df7196b14014b5416f090a684e3b6ba600b5a) ([merge request](gitlab-org/security/gitlab!3213)) +- [Relay state to check for only allowing sub paths](gitlab-org/security/gitlab@c690eec0a2f8aa506b8ff3ffadf306aa91501648) ([merge request](gitlab-org/security/gitlab!3221)) +- [Prohibit 40 character hex sets at beginning of path-based branch name](gitlab-org/security/gitlab@889683b6b1884bfc36208dfae899d0fb9437246c) ([merge request](gitlab-org/security/gitlab!3195)) +- [Update policy to prevent banned members from accessing public projects](gitlab-org/security/gitlab@1abcbdc23881dab5f675e858afa31be87d5d47ce) ([merge request](gitlab-org/security/gitlab!3187)) +- [Use dummy filename as filename when viewing raw xml files](gitlab-org/security/gitlab@33563159bcc7d46c95f013bf089ed94128f10379) ([merge request](gitlab-org/security/gitlab!3193)) +- [Authorize access to vulnerabilitiesCountByDay resolver](gitlab-org/security/gitlab@4b0825f79b0a27eeddabaee0b3a7f627b2487706) ([merge request](gitlab-org/security/gitlab!3181)) + ## 15.9.5 (2023-04-21) ### Fixed (1 change) diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 252fd0533de..c7c1b69191f 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -15.9.5
\ No newline at end of file +15.9.6
\ No newline at end of file diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index 252fd0533de..c7c1b69191f 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -15.9.5
\ No newline at end of file +15.9.6
\ No newline at end of file |