##// END OF EJS Templates
mercurial: protocol security updates....
mercurial: protocol security updates. - fixes Mercurial CVE for lack of permissions checking on mercurial batch commands - more strict checks for permissions, now default to push instead of pull to be always on safe side. - decypher batch commands and pick top-most permission to be used

File last commit:

r1249:ee3db851 stable
r2724:7a057a98 default
Show More
release-notes-4.5.2.rst
46 lines | 752 B | text/x-rst | RstLexer

|RCE| 4.5.2 |RNS|

Release Date

  • 2016-12-19

New Features

General

  • Github authentication: no longer require repository permissions when connecting RhodeCode account with Github login.
  • Api: added new function get_repo_refs. This was accidentally exposed in our documentation as valid function, but wasn't implemented. This function is now backported from next major release due the documentation issues.

Security

Performance

Fixes

  • Api: Fixed a regression in API validation on create_* functions. Before this fix it always converted given data to lowercase.
  • System info: fixed reporting of free inodes as taken.

Upgrade notes