blob: 728d7cc90176a9c755b7c9f2376e9e4b982c7adb [file] [log] [blame]
Release notes for Gerrit 2.1.9
There are no schema changes from link:ReleaseNotes-2.1.8.html[2.1.8].
Bug Fixes
* Patch JGit security hole
The security hole may permit a modified Git client to gain access
to hidden or deleted branches if the user has read permission on
at least one branch in the repository. Access requires knowing a
SHA-1 to request, which may be discovered out-of-band from an issue
tracker or gitweb instance.