commit c5ed584bd5e2684b15c74c5bf6563a5083648bc2
author Luca Milanesio <luca.milanesio@gmail.com> Wed Dec 23 23:01:40 2020 +0000
committer Luca Milanesio <luca.milanesio@gmail.com> Thu Dec 24 00:10:33 2020 +0000
tree fc14654160344505686f0b1fc085e3b8638f04ed
parent f06b41de04302e74acbd52efce76488bf585bc34

Update Gerrit v3.2.6 Release Notes

Change-Id: Id3c2a172b58d1b6fa09b2cf44cf687d3ac31d30c

pages/site/releases/3.2.md

diff --git a/pages/site/releases/3.2.md b/pages/site/releases/3.2.md
index afaf290..8f8fea0 100644
--- a/pages/site/releases/3.2.md
+++ b/pages/site/releases/3.2.md
@@ -611,6 +611,65 @@
       elasticsearch versions also became [EOL](https://www.elastic.co/support/eol)
       recently.
 
+* Security Fixes
+
+  * [Issue 12629](https://bugs.chromium.org/p/gerrit/issues/detail?id=12629):
+  Verify hostname when sending emails via SMTP server with SMTPSClient.
+
+    The SMTP server's certificate and hostname must be verified if
+    encryption is enabled with SSL verification in the host settings
+    (`sendemail.smtpEncryption` and `sendemail.sslVerify`).
+
+* PolyGerrit Fixes
+
+  * Add a warning if submitting a change with an open change edit.
+
+* Bug Fixes
+
+  * [Issue 13544](https://bugs.chromium.org/p/gerrit/issues/detail?id=13544)
+  Ensure that GC#deleteOrphans respects pack lock:
+
+    If pack or index files are guarded by a pack lock (.keep file)
+    deleteOrphans() should not touch the respective files protected by the
+    lock file.
+
+  * [Issue 13775](https://bugs.chromium.org/p/gerrit/issues/detail?id=13775)
+  Honor `toogleWipState` permission for `%ready` `%wip` push options:
+
+  * [Issue 13781](https://bugs.chromium.org/p/gerrit/issues/detail?id=13781)
+  Compact the REST-API output JSON unconditionally:
+
+    The output JSON was initially compacted only when
+    the Accept header was set to `application/json`: the compaction is now
+    done unconditionally, unless the `pp=1` query parameter is specified.
+
+  * [Issue 13786](https://bugs.chromium.org/p/gerrit/issues/detail?id=13786)
+  ForRef#check should permit internal users to read all refs:
+
+    [Make `PermissionBackend#ForRef` authoritative change](https://gerrit-review.googlesource.com/c/gerrit/+/288925)
+    introduced a regression where gerrit `internal users` (e.g. plugins) were
+    not taken into consideration when checking READ permission. As consequence
+    the `All-Users.git` repository did not get any of the user's refs replicated
+    to the slaves. After the upgrade it is required to trigger a forced replication
+    of the `All-Users.git` repository manually.
+
+  * Avoid logging ssh exception for __stream is already closed__ when length=0
+    if present in the stacktrace.
+
+* Documentation Updates
+
+  * Clarify that 'm' push option sets patch set description.
+
+  * Clarify that disk cache metrics require `cache.enableDiskStatMetrics`.
+
+* Dependency Updates
+
+  * Upgrade Bazel toolchain to 3.1.0.
+
+  * Upgrade testcontainers to 1.15.1.
+
+  * Upgrade Jetty to 9.4.33.v20201020.
+
 ### 3.2.5.1
 
 * Bug Fixes