Google Git
Sign in
gerrit / homepage / 057f2f637dbdcee0af4edeb7f84f983cfb64a59a^! / .
commit057f2f637dbdcee0af4edeb7f84f983cfb64a59a[log] [tgz]
authorMarco Miller <marco.miller@ericsson.com>Thu Nov 19 09:26:45 2020 -0500
committerMarco Miller <marco.miller@ericsson.com>Thu Nov 19 09:31:30 2020 -0500
treece51ebd34dcfe75dc104002d8a67ebc7ac073a7f
parent596bc43d9abf6431e80340dacedd4278eebae66b [diff]
Align the 2.16.25 notes text with sibling releases

Change-Id: Id0929a666c62fe2ff4c8ce5b1355f14c79a5fa1f

diff --git a/pages/site/releases/2.16.md b/pages/site/releases/2.16.md
index 15bdfeb..886eed0 100644
--- a/pages/site/releases/2.16.md
+++ b/pages/site/releases/2.16.md

@@ -654,14 +654,14 @@
     for all refs. The latter only had logic to decide if a Git ref is visible
     according to the Gerrit `READ` permissions. This includes all refs under
     `refs/heads` as well as any other ref that isn't a database ref or a Git
-    tag. This component was unaware of Git tags and database references. Hence,
+    tag. This component was unaware of Git tags and notedb-related refs. Hence,
     when asked for a database reference such as `refs/changes/xx/yyyyxx/meta`,
     the logic would allow access if the user has `READ` permissions on any of
     the ref prefixes (such as the default "read refs/* Anonymous Users").
 
     That was problematic, because it bypassed
     [documented behavior](http://gerrit-documentation.storage.googleapis.com/Documentation/2.16.25/access-control.html)
-    where a user should only have access to a change if they can see the
+    where a user should only have access to a change if he can see the
     destination ref. The same goes for other database references.
 
   * [Issue 13514](https://bugs.chromium.org/p/gerrit/issues/detail?id=13514):
@@ -671,13 +671,13 @@
     hiding refs based on the project's ACLs. There is however an optimization
     that skips the filtering in case a user has `READ` permissions on every ACL
     pattern(s). When the target repository is `All-Users`, the optimization
-    turns into a security issue because it allows seeing everything that
-    belongs to everyone, i.e.:
+    turns into a security issue because it allows seeing all personal information
+    associated with all accounts, i.e.:
 
     * draft comments
-    * PII of all users
-    * external ids
     * draft edits
+    * personally identifiable information (PII) of all users
+    * external ids
 
     This fix now blocks Gitiles or any other part of Gerrit to abuse this power
     when the target repository is `All-Users`, where nobody can be authorized