##// END OF EJS Templates
config: updated header limits on gunicorn
config: updated header limits on gunicorn

File last commit:

r2257:9c2fac6d stable
r3527:57fb7c38 default
Show More
release-notes-4.10.5.rst
55 lines | 1.3 KiB | text/x-rst | RstLexer
/ docs / release-notes / release-notes-4.10.5.rst
docs: added release notes for 4.10.5
r2257 |RCE| 4.10.5 |RNS|
------------------
Release Date
^^^^^^^^^^^^
- 2017-11-23
New Features
^^^^^^^^^^^^
General
^^^^^^^
- dependencies: pin against rhodecode-tools 0.13.1. Fixes a cleanup-repos bug.
Security
^^^^^^^^
- Pull requests: security(low), check for permissions on exposure of repo-refs.
Prevents exposure of branches/tags on private repositories.
- Metatags: limit the scope of url => metatag to http, https and / links.
Prevents possible JS injection in those types of links which is unsafe.
Performance
^^^^^^^^^^^
Fixes
^^^^^
- Emails: fixed validation of emails with whitespace in them.
- Repo groups: fix bad route redirect on check if user tried to revoke
permissions on himself.
- Comments: place the left over comments (outdated/misplaced) to the left or
right pane in side-by-side diff.
- Comments: allow to properly initialize outdated comments that are still attached.
Fixes a problem when outdated TODO notes couldn't be properly resolved.
- Diffs: fixed problem with rendering no newline at the end of file markers.
In case of unified diff that would show incorrect diffs in rare cases.
- Settings: fix potential 500 problem on bad data passed in.
Upgrade notes
^^^^^^^^^^^^^
- Fixes regression in nested repository groups update. No upgrade problems should
be expected