Update CHANGELOG.md for 13.1.2
[ci skip]
This commit is contained in:
parent
a4c6555151
commit
f2e450724c
1 changed files with 24 additions and 0 deletions
24
CHANGELOG.md
24
CHANGELOG.md
|
@ -2,6 +2,30 @@
|
||||||
documentation](doc/development/changelog.md) for instructions on adding your own
|
documentation](doc/development/changelog.md) for instructions on adding your own
|
||||||
entry.
|
entry.
|
||||||
|
|
||||||
|
## 13.1.2 (2020-07-01)
|
||||||
|
|
||||||
|
### Security (18 changes)
|
||||||
|
|
||||||
|
- Update xterm js dependency to latest stable 3.x version.
|
||||||
|
- Do not show activity for users with private profiles.
|
||||||
|
- Fix stored XSS in markdown renderer.
|
||||||
|
- Upgrade swagger-ui to solve XSS issues.
|
||||||
|
- Fix group deploy token API authorizations.
|
||||||
|
- Check access when sending TODOs related to merge requests.
|
||||||
|
- Change from hybrid to JSON cookies serializer.
|
||||||
|
- Prevent XSS in group name validations.
|
||||||
|
- Disable caching for wiki attachments.
|
||||||
|
- Disable Github Importer API by settings.
|
||||||
|
- Fix null byte error in upload path.
|
||||||
|
- Update permissions for time tracking endpoints.
|
||||||
|
- Add snippet repository validation after bundle import.
|
||||||
|
- Update Kaminari gem.
|
||||||
|
- Fix note author name rendering.
|
||||||
|
- Sanitize bitbucket repo urls to mitigate XSS.
|
||||||
|
- Stored XSS on the Error Tracking page.
|
||||||
|
- Fix security issue when rendering issuable.
|
||||||
|
|
||||||
|
|
||||||
## 13.1.1 (2020-06-23)
|
## 13.1.1 (2020-06-23)
|
||||||
|
|
||||||
### Fixed (4 changes)
|
### Fixed (4 changes)
|
||||||
|
|
Loading…
Reference in a new issue