Commit 86f62d30 authored Mar 09, 2022 by Matthias Fechner

www/gitlab-ce: Security update to 14.8.2

Changelog:
https://about.gitlab.com/releases/2022/02/23/gitlab-14-8-1-released/
https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/
https://gitlab.com/gitlab-org/gitlab-foss/-/blob/master/CHANGELOG.md

14.8.2 (2022-02-25)

Security (8 changes)

Limit commands_changes to certain keys (merge request)

Add runners_token prefix to Group and Project (merge request)

Anonymous user can enumerate all users through GraphQL endpoint (merge request)

Check for unsafe characters in email addresses before sending (merge request)

Warn when snippet contains unretrievable files (merge request)

Prevent DOS when rendering math markdown (merge request)

Check permission when creating members through service (merge request)

Reset password field on page load (merge request)

14.8.1 (2022-02-23)

Fixed (3 changes)

Allow assigning users with private profiles with quick-actions (merge request)

Stop backup files from requiring directories to exist when skipped (merge request)

Fix toolbar buttons in Markdown field (merge request)

Security:	2823048d-9f8f-11ec-8c9c-001b217b3468

parent d45ce823

Show whitespace changes

Inline Side-by-side

Please register or to comment