Update CHANGELOG.md for 12.8.10

[ci skip]
This commit is contained in:
GitLab Release Tools Bot 2020-04-30 14:24:14 +00:00
parent 62a87135ad
commit b44c165115

View file

@ -1010,6 +1010,19 @@ entry.
- Improvement in token reference. - Improvement in token reference.
## 12.8.10 (2020-04-30)
### Security (7 changes)
- Ensure MR diff exists before codeowner check.
- Prevent unauthorized access to default branch.
- Do not return private project ID without permission.
- Fix doorkeeper CVE-2020-10187.
- Prevent ES credentials leak.
- Return only safe urls for mirrors.
- Validate workhorse 'rewritten_fields' and properly use them during multipart uploads.
## 12.8.9 (2020-04-14) ## 12.8.9 (2020-04-14)
### Security (3 changes) ### Security (3 changes)