rhodecode-enterprise-ce Files · docs/release-notes/release-notes-5.3.0.rst

ui: changed calls for edit caches to use repo id instead of a name for safer calls to repos which paths have special characters

super-admin - - Load All Authors

File last commit:

r5557:c1a812dd default


                r5646:5f89ea3a

default

Download file

             release-notes-5.3.0.rst
        
                    45 lines
            
             | 886 B
            
                | text/x-rst
            
             |
                RstLexer

/ docs / release-notes / release-notes-5.3.0.rst

History | Annotation | Raw |Copy content |Copy permalink

|RCE| 5.3.0 |RNS|
Release Date
2024-09-17


New Features
System-info: expose rhodecode config for better visibility of set settings for RhodeCode system.


General

Security
Permissions: fixed security problem with apply-to-children from a repo group functionality breaking
permissions for private repositories exposing them despite repo being private.
Git-lfs: fixed security problem with allowing off-chain attacks to replace OID data without validating hash for already present oids.
This allowed to replace an LFS OID content with malicious request tailored to open RhodeCode server.


Performance

Fixes
Fixed problems with incorrect user agent errors


Upgrade notes
RhodeCode 5.3.0 is unscheduled security release to address some build issues with 5.X images

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages