rhodecode-enterprise-ce Files · docs/release-notes/release-notes-4.11.6.rst

permissions: handle more cases for invalidating permission caches...

permissions: handle more cases for invalidating permission caches - invalidate user permissions on chaning the global permissions - invalidate all users in case of creating new object with "copy permissions" flag - invalidate all users permissions in case of repo/repo group renames - invalidate all user permissions in forked repo with copy flag

marcink - - Load All Authors

File last commit:

r2665:f42f8690 stable


                r3411:2e06ebce

stable

Download file

             release-notes-4.11.6.rst
        
                    41 lines
            
             | 489 B
            
                | text/x-rst
            
             |
                RstLexer

/ docs / release-notes / release-notes-4.11.6.rst

History | Annotation | Raw |Copy content |Copy permalink

|RCE| 4.11.6 |RNS|
Release Date
2018-03-28


New Features

General

Security
api(high): fixed unauthorized access to repositories using forged api requests.


Performance

Fixes

Upgrade notes
Unscheduled security release addressing found vulnerability in the API that
allows attackers to gain access to repositories in unauthorized way by forging
data in the API request.

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages