kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Manually add 10.2.4 changelog entries

Browse source
This commit is contained in:
Michael Kozono 2017-12-08 14:05:17 -08:00
parent f4fbe61a9e
commit 0f81167570
4 changed files with 11 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
CHANGELOG.md
View file

@ -2,6 +2,17 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 10.2.4 (2017-12-08)
### Security (4 changes)
- Fix e-mail address disclosure through member search fields
- Prevent creating issues through API when user does not have permissions
- Prevent an information disclosure in the Groups API
- Fix user without access to private Wiki being able to see it on the project page
- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment
## 10.2.3 (2017-11-30) ## 10.2.3 (2017-11-30)
### Fixed (7 changes) ### Fixed (7 changes)

5
changelogs/unreleased/bvl-email-disclosure.yml
View file

@ -1,5 +0,0 @@
---
title: Don't match partial email adresses
merge_request: 2227
author:
type: security

5
changelogs/unreleased/issue_30663.yml
View file

@ -1,5 +0,0 @@
---
title: Prevent creating issues through API when user does not have permissions
merge_request:
author:
type: security

5
changelogs/unreleased/rs-security-group-api.yml
View file

@ -1,5 +0,0 @@
---
title: Prevent an information disclosure in the Groups API
merge_request:
author:
type: security