Mar 14, 2019 - Yorick Peterse    

GitLab Patch Release: 11.8.2

GitLab 11.8.2 is released

Today we are releasing version 11.8.2 for GitLab Community Edition and Enterprise Edition.

This version resolves a number of regressions and bugs in this month's 11.8.0 release and prior versions.

GitLab Community Edition and Enterprise Edition

Security fix

Public project in a private group makes the group page publicly accessible

Sharing a public project with a private group makes the group page publicly accessible. The issue is now mitigated in the latest release and is assigned CVE-2019-9732.

Versions Affected

Affects GitLab CE/EE 10.0.3 and later.

Remediation

We strongly recommend that all installations running an affected version to be upgraded to the latest version as soon as possible.

Upgrade barometer

This version does not include any new migrations, and should not require any downtime.

Please be aware that by default the Omnibus packages will stop, run migrations, and start again, no matter how “big” or “small” the upgrade is. This behavior can be changed by adding a /etc/gitlab/skip-auto-reconfigure file, which is only used for updates.

Updating

To update, check out our update page.

GitLab subscriptions

Access to GitLab Starter, Premium, and Ultimate features is granted by a paid subscription.

Alternatively, sign up for GitLab.com to use GitLab's own infrastructure.

We want to hear from you

Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum.

Share your feedback

Take GitLab for a spin

See what your team could do with The DevSecOps Platform.

Get free trial

Have a question? We're here to help.

Talk to an expert
Edit this page View source