##// END OF EJS Templates
mercurial: protocol security updates....
mercurial: protocol security updates. - fixes Mercurial CVE for lack of permissions checking on mercurial batch commands - more strict checks for permissions, now default to push instead of pull to be always on safe side. - decypher batch commands and pick top-most permission to be used

File last commit:

r1:854a839a default
r2724:7a057a98 default
Show More
release-notes-3.0.1.rst
22 lines | 505 B | text/x-rst | RstLexer

|RCE| 3.0.1 |RNS|

General

  • 2015-02-03

News

  • Server info: added more details into server info page.

Fixes

  • Security: fixed severe issue with leaking of auth_tokens(api_keys) on certain API calls.
  • VCS Client: Improved reconnection logic.
  • SVN: forbid certain actions like pull requests on svn repositories.
  • Style: fixed comments with Markdown, and also multiple styling issues.
  • Style: fixed re-captcha html issues.
  • Style: fixed large inputs.