[ANNOUNCE] Gerrit 3.0.11 w/ security fix to protect against clickjacking
24 views
Skip to first unread message
Luca Milanesio
Jun 17, 2020, 10:09:59 AM6/17/20
to Repo and Gerrit Discussion, Luca Milanesio
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Gerrit version 3.0.11 is now available.
This release includes an important security fix for the Issue 12926 (X-Frame-Options response header)
which is needed for protecting against 'clickjacking'.
Please see the release notes for details.
Release Notes:
https://www.gerritcodereview.com/3.0.html#3011
Documentation:
http://gerrit-documentation.storage.googleapis.com/Documentation/3.0.11/index.html
Log of changes since 3.0.11:
https://gerrit.googlesource.com/gerrit/+log/v3.0.9..v3.0.11?no-merges
Download:
https://gerrit-releases.storage.googleapis.com/gerrit-3.0.11.war
SHA1:
91852f3e718a25eb65be45f66f015ef604c1fc49
SHA256:
899a0174b53534b484651c7ad3c20011cf03e040e7b785bdff74f53155318f22
MD5:
4d7776e06ad9d56e36fe50f17287899f
Maintainers' public keys:
https://www.gerritcodereview.com/releases/public-keys.md
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEETYfnMJcTx9Zrd8+/cHkSkHVi6ksFAl7hM8cACgkQcHkSkHVi
6kvKJQv/Wwk2CJveenhzBWsAs1zj6aQbGOp6XM8+e3h/eYj42XxcEru5sXC3ZzZg
BvhLpZEtIXOZcTvsG72WCyjv1udHc/JaLfYiDCFondrZSluXPBEcbaIoJMdiu2gQ
xySU2uiDY5v/el5fdaIFhOtRM+rybJU1jFGnJMp9yqQNXVI4fpRdAMDVyJC3OjHb
0uL1gZK6epUe2/dPw+TXUfuIuoloVP0/RXZ1XmCnsFfbxz/eFhq//TtbJlvIMeIZ
O+b30Sjd6Z4sZKh1mnkMeVF9BOHiHr9Vz/HM7vuk/3+OITfzDnYYggcW7OfbAdGY
Vt3txJcFj7E/f2xRSNm1A2uyNapnjUE+SerQ14fOknzn3GCCYQFtkf45MVVrGEW/
q7lXnWkfeTuYOF6KUo/3wVvGUXZxP1GgVnZ0LHMNMWxXSnlwo14mS7I2qSv2xnrA
+zoM8fJLq3mz6LDwex69TFm33u9bWsfQxQeanSUYXNACIa3lHX9V4TP5SBTPCS3i
8zAVPvDm
=HvOM
-----END PGP SIGNATURE-----
Hash: SHA512
Gerrit version 3.0.11 is now available.
This release includes an important security fix for the Issue 12926 (X-Frame-Options response header)
which is needed for protecting against 'clickjacking'.
Please see the release notes for details.
Release Notes:
https://www.gerritcodereview.com/3.0.html#3011
Documentation:
http://gerrit-documentation.storage.googleapis.com/Documentation/3.0.11/index.html
Log of changes since 3.0.11:
https://gerrit.googlesource.com/gerrit/+log/v3.0.9..v3.0.11?no-merges
Download:
https://gerrit-releases.storage.googleapis.com/gerrit-3.0.11.war
SHA1:
91852f3e718a25eb65be45f66f015ef604c1fc49
SHA256:
899a0174b53534b484651c7ad3c20011cf03e040e7b785bdff74f53155318f22
MD5:
4d7776e06ad9d56e36fe50f17287899f
Maintainers' public keys:
https://www.gerritcodereview.com/releases/public-keys.md
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEETYfnMJcTx9Zrd8+/cHkSkHVi6ksFAl7hM8cACgkQcHkSkHVi
6kvKJQv/Wwk2CJveenhzBWsAs1zj6aQbGOp6XM8+e3h/eYj42XxcEru5sXC3ZzZg
BvhLpZEtIXOZcTvsG72WCyjv1udHc/JaLfYiDCFondrZSluXPBEcbaIoJMdiu2gQ
xySU2uiDY5v/el5fdaIFhOtRM+rybJU1jFGnJMp9yqQNXVI4fpRdAMDVyJC3OjHb
0uL1gZK6epUe2/dPw+TXUfuIuoloVP0/RXZ1XmCnsFfbxz/eFhq//TtbJlvIMeIZ
O+b30Sjd6Z4sZKh1mnkMeVF9BOHiHr9Vz/HM7vuk/3+OITfzDnYYggcW7OfbAdGY
Vt3txJcFj7E/f2xRSNm1A2uyNapnjUE+SerQ14fOknzn3GCCYQFtkf45MVVrGEW/
q7lXnWkfeTuYOF6KUo/3wVvGUXZxP1GgVnZ0LHMNMWxXSnlwo14mS7I2qSv2xnrA
+zoM8fJLq3mz6LDwex69TFm33u9bWsfQxQeanSUYXNACIa3lHX9V4TP5SBTPCS3i
8zAVPvDm
=HvOM
-----END PGP SIGNATURE-----
Luca Milanesio
Jun 17, 2020, 10:30:53 AM6/17/20
to Repo and Gerrit Discussion, Luca Milanesio
> On 17 Jun 2020, at 15:09, Luca Milanesio <luca.mi...@gmail.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Gerrit version 3.0.11 is now available.
> This release includes an important security fix for the Issue 12926 (X-Frame-Options response header)
> which is needed for protecting against 'clickjacking'.
>
> Please see the release notes for details.
>
> Release Notes:
> https://www.gerritcodereview.com/3.0.html#3011
>
> Documentation:
> http://gerrit-documentation.storage.googleapis.com/Documentation/3.0.11/index.html
>
> Log of changes since 3.0.11:
> https://gerrit.googlesource.com/gerrit/+log/v3.0.9..v3.0.11?no-merges
Log of changes since 3.0.10:
https://gerrit.googlesource.com/gerrit/+log/v3.0.10..v3.0.11?no-merges
Luca.
Luca Milanesio
Jun 18, 2020, 1:17:15 PM6/18/20
to Repo and Gerrit Discussion, Luca Milanesio
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Binary packages (Deb / Rpm) of Gerrit version 3.0.11 are now available
Hash: SHA512
=====================================================================
This release includes an important security fix for the Issue 12926 (X-Frame-Options response header)
which is needed for protecting against 'clickjacking'.
*****************************
If you have a previous version of Gerrit 2.1x installed via native packages:
(on Debian / Ubuntu)
apt-get update & apt-get install gerrit=3.0.11-1
(on CentOS / RedHat)
yum clean all && yum install gerrit-3.0.11-1
(on Fedora)
dnf clean all && dnf install gerrit-3.0.11-1
If it is a new installation and you don't have the GerritForge/BinTray repositories
configured, please follow the instructions at:
http://gitenterprise.me/2015/02/27/gerrit-2-10-rpm-and-debian-packages-available/
Docker images
*************
Gerrit is distributed on DockerHub at:
https://hub.docker.com/r/gerritcodereview/gerrit/
The following tags have been published
3.0.11 => 3.0.11-centos7
3.0.11-centos7
3.0.11-ubuntu18
More information on how to use Gerrit Docker image for testing, staging, and production at:
https://gerrit.googlesource.com/docker-gerrit
MacOS native package
********************
MacOS Gerrit native installer is available for download at:
https://gerritforge.com/gerrit/mac/gerrit-installer-3.0.11.pkg
SHA1:
c8a589c733d47f398309f92480cf7b9f010d6cdb
SHA256:
e425ddb8168eea36bb1232590b01190b639d500dbc08ce620512eab86b1c92d3
-----BEGIN PGP SIGNATURE-----
iQGzBAEBCgAdFiEETYfnMJcTx9Zrd8+/cHkSkHVi6ksFAl7roU8ACgkQcHkSkHVi
6ku4zwv/ePlR+oSXrlFh2TiBqQKwASkXBfAj39M+m5xPHajX+c/yqQgi6culklaQ
ZapOMmy/a0mm6xOKr2qPnGj4slWK2vzVMMmxLeIm+RN9oLaaz1A/sUNcGj/83+yd
10VszfFZ4nexMPOL6//DRTPSmE/GQIHRog1UDMZDgxoCfmokOlRzHZfgbH6NFmzn
xh2D+WQvEWfylnUl1ezkOj38mzAPAKNla8/h32cB7ybjyQpW5/TUVPxv9wugozQs
HUJTLLHwQk7xTknORnmrZ5LmACycjKWzkEnQCVPCjwu+vc8Fa+jO7NCEppvlMJv3
tvHEuVyfOlnaxyycTidYu1RKPJnPAtgbFjGBrcaP5cx7GzKhSDNi0m+f6Wjf1E4x
2qvKdBC8PwU5x5ryXdbHpehOBhL7+2ze57tHv1+p7YIbmJT7W1R5Gw8h6c8nlcl+
pNZshU+aHcYSIeY+jdqP8VCkCQvx+W49HC/U5y0eGtQu+N/uWVwPzsmq0fG2muiZ
EDQNJUNz
=X5XF
-----END PGP SIGNATURE-----
Reply all
Reply to author
Forward
0 new messages