Linuxeden开源社区Security Fixes
This release has important security fixes pertaining to Agent-Server communication. We recommend all users to upgrade to this version to safeguard your GoCD server.
These security vulnerabilities were responsibly disclosed by Denis Andzakovic. We want to give users some time to upgrade, before providing more details about the vulnerabilities.
Webhook support for Config Repositories
Starting GoCD 21.1.0, the config repositories can be refreshed or updated via a webhook trigger. The config repositories page will now showcase the URL required to configure the same (if auto update has been turned off).
Improvements
- #8900 – Improve UX – add search functionality on page
Bug fixes
- #8915 – Repeated logging: Could not find file config/cipher and config/go.feature.toggles
APIs
Improvements, deprecations and breaking changes in the API and plugin API have been moved to their respective changelogs – API changelog for 21.1.0 and Plugin API changelog for 21.1.0.
Contributors
Aravind SV, Ganesh S Patil, Ketan Padegaonkar, Kritika Singh, Mahesh Panchaksharaiah, Marques Lee, Varsha Varadarajan
Note
A more comprehensive list of changes for this release can be found here.
Have ideas and want to contribute? Need some help getting started? We’re here to help. Reach out to us at support@thoughtworks.com.
Found a security issue that needs fixing? Please report it to https://hackerone.com/gocd
Please report any issues that you observe on GitHub issues.
转自 https://www.gocd.org/releases/#21-1-0