Skip to content

1.9.1
Compare
Choose a tag to compare
@flaix flaix released this 05 Apr 11:17
· 206 commits to master since this release
v1.9.1
2c5027f

Update Note

When you have Gitblit installed as a service under Linux or Windows, you may need to edit your service script/definition. The command line to start Gitblit needs to be different, the classpath and class are speficied now.

See notes for release 1.9.0.

      !! IMPORTANT BUG FIX FOR PASSWORD HASH UPGRADE !!
      
      There is a severe bug in version 1.9.0, which can lock users out from their accounts.
      When updating from a previous version to 1.9.0, existing stored passwords are rehashed
      with a more secure password hash mechanism when a user first logs in after the update.
      This happens when the password hashing mechanism was left at default and not specifically
      set in the configuration. An error in the implementation will destroy the stored password
      instead and the user can no longer log in.

      Only certain circumstances will lead to this wrong behaviour. It will most likely
      affect users of the Gitblit Docker container. If you did not encounter any problems,
      update to 1.9.1 to be on the safe side. If you were hit by this bug, we are deeply sorry.
      There is no way to fix the affected accounts other than to set a new password.

      This is fixed in 1.9.1. Updates of existing installations should be made to 1.9.1, not 1.9.0.
Fixes

Fixes

  • Fixed broken password hash upgrade destroying existing stored passwords on update.
  • Fixed Linux service scripts to use -cp parameter instead of -jar.

Full release notes on gitblit.com

Assets 8
Loading