##// END OF EJS Templates
feat(task-for-automatic-pr-merge): added f-ty to support pull request auto merge for EE. Fixes: RCCE-67
feat(task-for-automatic-pr-merge): added f-ty to support pull request auto merge for EE. Fixes: RCCE-67

File last commit:

r5557:c1a812dd default
r5657:027566d5 default
Show More
release-notes-5.3.0.rst
45 lines | 886 B | text/x-rst | RstLexer

|RCE| 5.3.0 |RNS|

Release Date

  • 2024-09-17

New Features

  • System-info: expose rhodecode config for better visibility of set settings for RhodeCode system.

General

Security

  • Permissions: fixed security problem with apply-to-children from a repo group functionality breaking permissions for private repositories exposing them despite repo being private.
  • Git-lfs: fixed security problem with allowing off-chain attacks to replace OID data without validating hash for already present oids. This allowed to replace an LFS OID content with malicious request tailored to open RhodeCode server.

Performance

Fixes

  • Fixed problems with incorrect user agent errors

Upgrade notes

  • RhodeCode 5.3.0 is unscheduled security release to address some build issues with 5.X images