|
|
@@ -176,3 +176,16 @@
|
|
|
[1.7.0]
|
|
|
* Use latest base image
|
|
|
|
|
|
+[1.8.0]
|
|
|
+* Fix critical CSRF vulnerabilities on API routes #5355
|
|
|
+* Wrong redirect after updated protect branch setting whose name contains # #5442
|
|
|
+* Clear labels not working #5445
|
|
|
+* [Security] Remote command execution #5469
|
|
|
+* Push event webhook is not triggered when new branch fetched to mirror repository #5473
|
|
|
+* Large issue comment exceeds dashboard section #5502
|
|
|
+* List collaborator API does not contain permission information #5538
|
|
|
+* [Security] Log out only deletes browser cookies #5540
|
|
|
+* [Security] Some routes need to be POST #5541
|
|
|
+* [Security] Stored XSS in external issue tracker URL format #5545
|
|
|
+* Support prefilling the title and body of new issues using query parameters #5302
|
|
|
+* Support data URL of base64 encoded images in Markdown #5391
|
Girish Ramakrishnan