Skip to content

G
gitlab-shell
Commit fa617316 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets
Browse files
Options

Merge branch 'cve_in_changelog' of /home/git/repositories/gitlab/gitlab-shell

parents 6d1b3763 ca6f6f72
Show whitespace changes
Inline Side-by-side
Showing with 5 additions and 4 deletions
CHANGELOG
View file @ fa617316
v1.7.8 v1.7.8
- Escape repository path to prevent relative links - Escape repository path to prevent relative links (CVE-2013-4583)
v1.7.7 v1.7.7
- Separate options from arguments with -- - Separate options from arguments with -- (CVE-2013-4582)
- Bypass shell and use stdlib JSON for GitlabUpdate (CVE-2013-4581)
v1.7.6 v1.7.6
- Fix gitlab-projects update-head for improted repo when branch exists but not listed in refs/head - Fix gitlab-projects update-head for improted repo when branch exists but not listed in refs/head
...@@ -11,10 +12,10 @@ v1.7.5 ...@@ -11,10 +12,10 @@ v1.7.5
- Remove keys from authorized_keys using ruby instead of shell - Remove keys from authorized_keys using ruby instead of shell
v1.7.4 v1.7.4
- More protection against shell injection - More protection against shell injection (CVE-2013-4546)
v1.7.3 v1.7.3
- Use Kernel#open to append lines to authorized_keys - Use Kernel#open to append lines to authorized_keys (CVE-2013-4490)
v1.7.2 v1.7.2
- More safe command execution - More safe command execution
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7