GitLab 7.7.2 and GitLab CI 5.4.2 had both been recently released. This release contains two security fixes, and its recommend everyone that uses protected branches, GitLab CI or LDAP to upgrade.
GitLab 7.7.2 fixes:
- Security fix: Fix a bug where developers can push to a protected branch
- Fix an issue where a LDAP user can’t login with an existing GitLab account
GitLab CI 5.4.2 contains a single security fix:
- Security fix: Fix a bug where a CI user can get the CI project token even if the user does not have access to the project
- Omnibus-gitlab packages for GitLab 7.7.2 and GitLab CI 5.4.2 are now available.
- To upgrade a GitLab installation from source please use the upgrader or the patch update guide.
- To upgrade a GitLab CI installation from source, please use the upgrade guide.