diff options
Diffstat (limited to 'ReleaseNotes/ReleaseNotes-2.4.2.txt')
-rw-r--r-- | ReleaseNotes/ReleaseNotes-2.4.2.txt | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/ReleaseNotes/ReleaseNotes-2.4.2.txt b/ReleaseNotes/ReleaseNotes-2.4.2.txt new file mode 100644 index 0000000000..afa1d96cb3 --- /dev/null +++ b/ReleaseNotes/ReleaseNotes-2.4.2.txt @@ -0,0 +1,24 @@ +Release notes for Gerrit 2.4.2 +============================== + +Gerrit 2.4.2 is now available: + +link:http://code.google.com/p/gerrit/downloads/detail?name=gerrit-2.4.2.war[http://code.google.com/p/gerrit/downloads/detail?name=gerrit-2.4.2.war] + +There are no schema changes from 2.4, or 2.4.1. + +However, if upgrading from anything earlier, follow the upgrade +procedure in the 2.4 link:ReleaseNotes-2.4.html[ReleaseNotes]. + +Security Fixes +-------------- +* Some access control sections may be ignored ++ +Gerrit sometimes ignored an access control section in a project +if the exact same section name appeared in All-Projects. The bug +required an unrelated project to have access.inheritFrom set to +All-Projects and be accessed before the project that has the same +section name as All-Projects. This is an unlikely scenario for +most servers, as Gerrit does not normally set inheritFrom equal to +All-Projects. The usual behavior is to not supply this property in +project.config, and permit the implicit inheritence to take place. |