9.0.4-ce.0

pozgo released this 02 May 20:58

da25489

9.0.4 (2017-04-05)

Don’t show source project name when user does not have access.
Remove the class attribute from the whitelist for HTML generated from Markdown.
Fix path disclosure in project import/export.
Fix for open redirect vulnerability using continue[to] in URL when requesting project import status.
Fix for open redirect vulnerabilities in todos, issues, and MR controllers.

Assets 2