##// END OF EJS Templates
rhodecode-enterprise-ce
RSS
security: limit the maximum password lenght to 72 characters to prevent possible...
security: limit the maximum password lenght to 72 characters to prevent possible server side resource consumption attack. - bcrypt heavy computation can lead to DOS using a very long password .eg 10**8 lenght. - we allowed this on registration or on password update
marcink - - Load All Authors

File last commit:

r1:854a839a default
r2192:a51e727d stable
Show More
release-notes-2.2.6.rst
26 lines | 942 B | text/x-rst | RstLexer
/ docs / release-notes / release-notes-2.2.6.rst
History | Annotation | Raw |Copy content |Copy permalink

|RCE| 2.2.6 |RNS|

General

  • 2014-12-03

News

  • Repository locking requires at least write permission to repository.
  • API: added add/remove methods for extra fields
  • New repositories/ repository groups should be created using 0755 mode not 0777
  • Added editable owner field for repository groups
  • Added editable owner field for user groups
  • API: Permission delegation on grant/revoke user permission functions
  • Auth plugin can create user creation state on first login
  • New license logic

Fixes

  • Fix issue with unicode email addresses in custom gravatar template
  • Protect against empty author string
  • Fixed issue with multiprocess setup and cached global settings
  • Fixed issues with IIS and proxied ports
  • Fixed issue with mysql column size on installing RhodeCode
  • Fixed issue with API call for update repo when a repo inside a group was badly renamed when doing those calls