parent
35dfe85f2d
commit
88241108c4
18
CHANGELOG.md
18
CHANGELOG.md
|
@ -478,6 +478,24 @@ entry.
|
|||
- Removes EE differences for environment_item.vue.
|
||||
|
||||
|
||||
## 11.9.12 (2019-05-30)
|
||||
|
||||
### Security (12 changes, 1 of them is from the community)
|
||||
|
||||
- Protect Gitlab::HTTP against DNS rebinding attack.
|
||||
- Fix project visibility level validation. (Peter Marko)
|
||||
- Update Knative version.
|
||||
- Add DNS rebinding protection settings.
|
||||
- Prevent XSS injection in note imports.
|
||||
- Prevent invalid branch for merge request.
|
||||
- Filter relative links in wiki for XSS.
|
||||
- Fix confidential issue label disclosure on milestone view.
|
||||
- Fix url redaction for issue links.
|
||||
- Resolve: Milestones leaked via search API.
|
||||
- Prevent bypass of restriction disabling web password sign in.
|
||||
- Hide confidential issue title on unsubscribe for anonymous users.
|
||||
|
||||
|
||||
## 11.9.10 (2019-04-26)
|
||||
|
||||
### Security (5 changes)
|
||||
|
|
Loading…
Reference in New Issue