Skip to content

9.1.3-ce.0
Compare
Choose a tag to compare
@pozgo pozgo released this 11 May 17:41
9.1.3-ce.0
b9682d8

9.1.3 (2017-05-05)

  • Do not show private groups on subgroups page if user doesn't have access to.
  • Enforce project features when searching blobs and wikis.
  • Fixed branches dropdown rendering branch names as HTML.
  • Make Asciidoc & other markup go through pipeline to prevent XSS.
  • Validate URLs in markdown using URI to detect the host correctly.
  • Fix for XSS in project import view caused by Hamlit filter usage.
  • Sanitize submodule URLs before linking to them in the file tree view.
  • Refactor snippets finder & dont return internal snippets for external users.
  • Fix snippets visibility for show action - external users can not see internal snippets.
Assets 2
Loading