Google Git
Sign in
gerrit / homepage / a3e962934e834329f9f29cc4c46562409a1c00cc^! / .
commita3e962934e834329f9f29cc4c46562409a1c00cc[log] [tgz]
authorDavid Ostrovsky <david@ostrovsky.org>Wed Jan 13 23:36:44 2021 +0100
committerLuca Milanesio <luca.milanesio@gmail.com>Mon Feb 01 22:43:30 2021 +0000
tree196dcdbe60b5f33ffe643bd4d5f408bc5e36dbe7
parent31be0eb18268f01bf0d64193195948da3fdfe76c [diff]
Add release notes for Gerrit v2.15.22

Add release notes for memory leak in every
git-over-http call.

Change-Id: I7e0a08f42375844042bc97c295a357793f0b4cfc

diff --git a/pages/site/releases/2.15.md b/pages/site/releases/2.15.md
index 082b023..cf782e7 100644
--- a/pages/site/releases/2.15.md
+++ b/pages/site/releases/2.15.md

@@ -6,7 +6,8 @@
 toc: true
 ---
 
-Download: **[2.15.21](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.21.war)**
+Download: **[2.15.22](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.22.war)**
+| [2.15.21](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.21.war)
 | [2.15.19](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.19.war)
 | [2.15.18](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.18.war)
 | [2.15.17](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.17.war)
@@ -28,7 +29,8 @@
 | [2.15.1](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.1.war)
 | [2.15](https://gerrit-releases.storage.googleapis.com/gerrit-2.15.war)
 
-Documentation: **[2.15.21](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.21/index.html)**
+Documentation: **[2.15.22](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.22/index.html)**
+| [2.15.21](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.21/index.html)
 | [2.15.19](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.19/index.html)
 | [2.15.18](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.18/index.html)
 | [2.15.17](https://gerrit-documentation.storage.googleapis.com/Documentation/2.15.17/index.html)
@@ -445,6 +447,17 @@
 
 ## Bugfix Releases
 
+### 2.15.22
+
+* Security Fixes
+
+  * [Issue 13858](https://bugs.chromium.org/p/gerrit/issues/detail?id=13858)
+    [CVE-2021-22553](https://nvd.nist.gov/vuln/detail/CVE-2021-22553):
+  Fixed memory leak in Git-over-HTTP requests.
+
+    Unauthenticated users could exploit this problem in a Denial of Service attack,
+    causing the server to go out-of-memory.
+
 ### 2.15.21
 
 * Security Fixes