Gerrit version 2.15.7 is now available

Gerrit version 2.15.7 is now available

gerrit.war 歷史版本下載

各個版本的 gerrit.war 下載

鏈接：https://blog.csdn.net/mmh19891113/article/details/81013994

gerrit-releases.storage.googleapis.com

Gerrit version 2.15.7

Gerrit version 2.15.7 is now available. This release includes dependency upgrades to fix CVE issues, and a few other bug fixes. Please see the release notes for details.

Release Notes:
https://www.gerritcodereview.com/2.15.html#2157

Documentation:
http://gerrit-documentation.storage.googleapis.com/Documentation/2.15.7/index.html

Log of changes since 2.15.6:
https://gerrit.googlesource.com/gerrit/+log/v2.15.6..v2.15.7?no-merges

Download:
https://gerrit-releases.storage.googleapis.com/gerrit-2.15.7.war

SHA1:
6067039d9b37d7bd66b65ab4ace6868b54b62436

SHA256:
4cb05cb11458a0d7e189cd6138ebf8515411871d399ff1f5aaf5b62e62c636f2

MD5:
2b90985f2d08954bce3eb8af21ccac28

Maintainers' public keys:
https://www.gerritcodereview.com/releases/public-keys.md
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQIzBAEBCgAdFiEECnaesFM5uTvdiZXtDDr2ZJ/8IQIFAlvqBnwACgkQDDr2ZJ/8
IQLfBBAAsRlzmdIBCcnrpVxvRaSg//bOpYBiH8JZWeZDuavlTgFGgA3pZ0/n9vfN
Q7ROb9S3V28SrSfKS9wM8Gb8f/OpjU8S548UHNbjUrkOHR/XIXpg01ddVBb8dbWz
ZJu5tbIqFFhizu6rgkZwnHIBQZf3FYDseACEVI5s7P6uPcTHxrW6Le04U0VGyxut
IPghM3eVgn/p8VGrzNw1s+sO31rWk836GvTKMQ6E25OkDziMQ93Ffmj0DvgPmtFY
JNNJ14m8KzcS9a59hFkDj6aIZ4GSzAeucgNpxRavwVF1NxIzS5gVP8Jffq4cnCAg
paCL2Zyefj/ZLa4LWFPrYCNTEJP4SK0b2Khdk0U+WlNIZhyCtgmQr9yLSiYFhYX1
M/F/BPkKlIJM8sE0Ley/6o4M/MYB/uEtYmavKOuTfFR83uwQi3dTW58/c/z4LlXX
7j46UB5LifjV43YrnZMcIo5WFzvkT8lxZMvuGh1Vr3WWyc7w2JspDToW+s2U6EKI
2SDcVjtE+Q0I4/4V05fXeeAelfDGClLPMYoBAgvqNXG36juZLliA4rIEZMG9IX0o
Fnd18RInGLyFEYIH9sB9RNeelXEU9Q2BNpblzsLoy55to0Rmwie3zlJzWFg34c86
7nvwZ7KWZjcpSkvaEx9hdA3SQ37JTDdW+bgZO8LEFsAiVRsvWAI=
=icOb
-----END PGP SIGNATURE-----

Binary packages (Deb / Rpm) of Gerrit version 2.15.7 are now available

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Binary packages (Deb / Rpm) of Gerrit version 2.15.7 are now available.
=======================================================================

How to install/upgrade: 2.15.7
********************************

If you have a previous version of Gerrit 2.1x installed via native packages:

(on Debian / Ubuntu)
apt-get update & apt-get install gerrit=2.15.7-1

(on CentOS / RedHat)
yum clean all && yum install gerrit-2.15.7-1

(on Fedora)
dnf clean all && dnf install gerrit-2.15.7-1

If it is a new installation and you don't have the GerritForge/BinTray repositories
configured, please follow the instructions at:
http://gitenterprise.me/2015/02/27/gerrit-2-10-rpm-and-debian-packages-available/

Docker images:
**************

Gerrit is distributed on DockerHub at:
https://hub.docker.com/r/gerritcodereview/gerrit/

The following tags have been published
latest => 2.15.7
2.15.7 => 2.15.7-centos7
2.15.7-centos7
2.15.7-ubuntu16

More information on how to use Gerrit Docker image for testing, staging, and production at:
https://gerrit.googlesource.com/docker-gerrit

MacOS native package:
*********************

MacOS Gerrit native installer is available for download at:

https://dl.bintray.com/gerrit/mac/gerrit-installer-2.15.7.pkg
https://gerritforge.com/gerrit/mac/gerrit-installer-2.15.7.pkg

SHA1:
e2a2156d5b1d05e390b986149a9252518e073391

SHA256:
ae72d62ede5e3d851e5a1cc571b02b81db32004e2bc3d07c7a4d448a9322b427

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJbRpncAAoJEB//ql4Ycfd1ZOMH/i/9M5dBooZWNNrlLF7X4/Lj
ajHhK2jJTG22DaxKzx0ZjS9NH/JWIIjZUFT0n1KpYow1o/QDd/ob2d6kBAzC/63O
lfDip/Z5WbsPqBAxs2fFQTP5ZbkLxQRi1LX8J52kndkRpbgABnEzDu+Monm63NDK
ROcVDCXsZhMuz96uLq6/ExLfiIxss1STYASbL0O/pRPVDduDUY3vo/GQYEgfLdZw
+VUuC/OkSPKbi3WhAGTRIe2YTT0XusVhskcT+EJEMMBqTeJi4LTukAC63u2LxpYo
eYhsEqJ6trFLB/Zh9QeeYmQcXjD5bh6oxXhHdStKVLkClnZAS9fcQvaRGTCPTks=
=qCdP
-----END PGP SIGNATURE-----

Gerrit 2.15.7 Release

2.15.7



    Issue 9952: Upgrade dependencies to newer versions to fix CVEs.
        CVE-2015-1832: Upgrade Apache Derby to 10.12.1.1
        CVE-2018-10936: Upgrade postgresql to 42.2.5
        CVE-2017-12629: Upgrade Lucene to 5.5.5
        CVE-2018-10237: Upgrade guava to 24.1.1-jre
        CVE-2018-1000180, CVE-2018-1000613: Upgrade Bouncycastle to 1.60
        CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2017-9735, CVE-2018-12536: Upgrade Jetty to 9.3.24.v20180605

    Issue 9969: Fix incorrect dependency on httpcore-nio for Elasticsearch.

    The Elasticsearch REST client depends on version 4.4.5 of httpcore-nio, but the version provided by Gerrit was 4.4.1.

    Remove dependency on httpmime.

    httpmime was a dependency of Apache Solr, which was removed from Gerrit some time ago.

    Upgrade Elasticsearch REST client to 6.4.3.

    Fix logic for updating display name on authentication.

    The display name was only being updated in the case when the authentication realm did not allow updates.

    Issue 9982: Trigger audit for git over HTTP commands.

    git-receive-pack and git-upload-pack commands were only audited for git over SSH.

    Issue 9974: Fix redirection to documentation index page.

    Issue 7306 and Issue 9321: Fix URL routing.