Gitlab 8.7.4 今天又发布了,包括社区版和企业版。该版本包含两个安全的修复,强烈建议升级。这个漏洞影响所有 Gitlab 用户。
修复的问题包括:
EE: Delete ProjectImportData record only if Project is not a mirror (!370)
EE: Fixed typo in GitLab Geo license check alert (!379)
CE/EE: Links for Redmine issue references are generated correctly again (!4048)
CE/EE: Fix setting trusted proxies (!3970)
CE/EE: Fix Bitbucket importer bug when throwing exceptions (!3941)
CE/EE: Use sign out path only if not empty (!3989)
CE/EE: Running rake gitlab:db:drop_tables now drops tables with cascade (!4020)
CE/EE: Running rake gitlab:db:drop_tables uses IF EXISTS as a precaution (!4100)
安全修复:
CE/EE: Use a case-insensitive comparison in sanitizing URI schemes (#17299)
EE: Fix LDAP access level spillover bug (#552)
详细漏洞描述请看:
https://about.gitlab.com/2016/05/11/gitlab-8-dot-7-dot-4-released/
软件详情:https://github.com/gitlabhq/gitlabhq/releases
来自:开源中国社区
