rhodecode-enterprise-ce Files · docs/release-notes/release-notes-3.6.1.rst

security: limit the maximum password lenght to 72 characters to prevent possible...

security: limit the maximum password lenght to 72 characters to prevent possible server side resource consumption attack. - bcrypt heavy computation can lead to DOS using a very long password .eg 10**8 lenght. - we allowed this on registration or on password update

marcink - - Load All Authors

File last commit:

r1:854a839a default


                r2192:a51e727d

stable

Download file

             release-notes-3.6.1.rst
        
                    23 lines
            
             | 533 B
            
                | text/x-rst
            
             |
                RstLexer

/ docs / release-notes / release-notes-3.6.1.rst

History | Annotation | Raw |Copy content |Copy permalink

|RCE| 3.6.1 |RNS|
Release Date
2015-10-19


Security
HTTP response splitting on login redirection has been secured to
prevent header injection.


Fixes
Alphabetically sort the external license dependencies overview for quicker
reading.
Change directory permissions checks for Windows.
Fixed a login redirection issue when using a custom prefix to improve the
user experience when using a proxy server.
Skip reading |repos| with names that contain special characters.

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages