Today we are releasing versions 8.10.7, 8.9.8, and 8.8.9 for GitLab Community Edition (CE) and Enterprise Edition (EE).
These versions include a security fix in two GitLab dependencies and are a recommended upgrade for all installations.
Please read on for more details.
Doorkeeper 4.2.0 was recently released to address CVE-2016-6582 and we've updated the gem accordingly.
GitLab versions prior to 8.10 are not using Hamlit and do not require this fix.
These versions do not include any migrations, and should not require any downtime.
Please be aware that by default the Omnibus packages will stop, run migrations, and start again, no matter how “big” or “small” the upgrade is. This behavior can be changed by adding a
To update, check out our update page.
Want to be alerted to new security patches as soon as they're available? Sign up for our Security Newsletter.
Interested in GitLab Enterprise Edition? Check out the features exclusive to EE.
Access to GitLab Enterprise Edition is included with a subscription. No time to upgrade GitLab yourself? Subscribers receive upgrade and installation services.