| | |
|---|
| | | - Raw servlet was insecure. If someone knew the exact repository name and path to a file, the raw blob could be retrieved bypassing security constraints. (issue 198)
|
|---|
| | | fixes:
|
|---|
| | | - Could not reset settings with $ or { characters through Gitblit Manager because they are not properly escaped
|
|---|
| | | - Added more error checking to blob page
|
|---|
| | | - Fix NPE when getting user's fork without repository list caching (issue 182)
|
|---|
| | | - Fix internal error on folder history links (issue 192)
|
|---|
| | | - Fixed incorrect icon file name for .doc files (issue 200)
|
|---|
| | | - Do not queue emails with no recipients (issue 201)
|
|---|
| | | - Disable view and blame links for deleted blobs (issue 216)
|
|---|
| | | - Fixed 1.2.x regression with individually symlinked repositories (issue 217)
|
|---|
| | | - Fixed NPE in 1.2.1 Federation Client (issue 219)
|
|---|
| | | - Fixed extracting Groovy scripts on Express installs (issue 220)
|
|---|
| | | - Ensure Redmine url is properly formatted (issue 223)
|
|---|
