Today we are releasing version 11.8.2 for GitLab Community Edition and Enterprise Edition.
This version resolves a number of regressions and bugs in this month's 11.8.0 release and prior versions.
GitLab Community Edition and Enterprise Edition
- Docs review: MR diffs external storage
- Remove padding for mr-widget-section
- Update minimum ruby version to 2.5.
- Properly handle multiple X-Forwarded-For addresses in runner IP
- Allow
:read_listwhen:read_groupis allowed - Fix method to mark a project repository as writable
- Resolve "Gitlab Project import fails: sidekiq undefined method import_jid"
- Remove feature_flags_environment_scope feature flag
- Fix GroupSAML metadata feature flag
- Fix typo in Roadmap sorting causing scrolling to fail on null dates
- Compute approved approver for merged MR if it is absent
- Fix multiple approval rules license level
- Fix bridge jobs than can be hidden keys too
- Fix Approval UI showing up for free plan
- Resolve "Add "No approval required" state to approval rules MR component"
Security fix
Public project in a private group makes the group page publicly accessible
Sharing a public project with a private group makes the group page publicly accessible. The issue is now mitigated in the latest release and is assigned CVE-2019-9732.
Versions Affected
Affects GitLab CE/EE 10.0.3 and later.
Remediation
We strongly recommend that all installations running an affected version to be upgraded to the latest version as soon as possible.
Upgrade barometer
This version does not include any new migrations, and should not require any downtime.
Please be aware that by default the Omnibus packages will stop, run migrations,
and start again, no matter how “big” or “small” the upgrade is. This behavior
can be changed by adding a /etc/gitlab/skip-auto-reconfigure file,
which is only used for updates.
Updating
To update, check out our update page.
GitLab subscriptions
Access to GitLab Starter, Premium, and Ultimate features is granted by a paid subscription.
Alternatively, sign up for GitLab.com to use GitLab's own infrastructure.
We want to hear from you
Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum.
Share your feedback