From adadb52955804e3f03900681997aaeccef5780e0 Mon Sep 17 00:00:00 2001 From: "Shawn O. Pearce" Date: Thu, 21 Jun 2012 16:25:20 -0700 Subject: [PATCH] Release notes for 2.3.1 Change-Id: I8ff925a19e77cf5ad169b3661ec8b0ef0cd3a8a7 --- ReleaseNotes/ReleaseNotes-2.3.1.txt | 24 ++++++++++++++++++++++++ ReleaseNotes/index.txt | 1 + 2 files changed, 25 insertions(+) create mode 100644 ReleaseNotes/ReleaseNotes-2.3.1.txt diff --git a/ReleaseNotes/ReleaseNotes-2.3.1.txt b/ReleaseNotes/ReleaseNotes-2.3.1.txt new file mode 100644 index 0000000000..324a3c1446 --- /dev/null +++ b/ReleaseNotes/ReleaseNotes-2.3.1.txt @@ -0,0 +1,24 @@ +Release notes for Gerrit 2.3.1 +============================== + +Gerrit 2.3.1 is now available: + +link:http://code.google.com/p/gerrit/downloads/detail?name=gerrit-2.3.1.war[http://code.google.com/p/gerrit/downloads/detail?name=gerrit-2.3.1.war] + +There are no schema changes from 2.3. + +However, if upgrading from anything earlier, follow the upgrade +procedure in the 2.3 link:ReleaseNotes-2.3.html[ReleaseNotes]. + +Security Fixes +-------------- +* Some access control sections may be ignored ++ +Gerrit sometimes ignored an access control section in a project +if the exact same section name appeared in All-Projects. The bug +required an unrelated project to have access.inheritFrom set to +All-Projects and be accessed before the project that has the same +section name as All-Projects. This is an unlikely scenario for +most servers, as Gerrit does not normally set inheritFrom equal to +All-Projects. The usual behavior is to not supply this property in +project.config, and permit the implicit inheritence to take place. diff --git a/ReleaseNotes/index.txt b/ReleaseNotes/index.txt index 51d0b222af..8abda423c3 100644 --- a/ReleaseNotes/index.txt +++ b/ReleaseNotes/index.txt @@ -5,6 +5,7 @@ Gerrit Code Review - Release Notes Version 2.3.x ------------- * link:ReleaseNotes-2.3.html[2.3] +* link:ReleaseNotes-2.3.1.html[2.3.1] [[2_2]] Version 2.2.x