diff options
| author | Robert Speicher <rspeicher@gmail.com> | 2017-02-14 16:48:40 -0500 |
|---|---|---|
| committer | Robert Speicher <rspeicher@gmail.com> | 2017-02-14 16:48:40 -0500 |
| commit | f3535bbff66d410983d39ec51f75d08683407fbf (patch) | |
| tree | 0307575062b5b18d42fced6f0763edac63233fe9 | |
| parent | 0733b142ac705a53de4f80e1b8c4929d30012905 (diff) | |
| download | gitlab-ce-f3535bbff66d410983d39ec51f75d08683407fbf.tar.gz | |
Update CHANGELOG.md for 8.14.9
[ci skip]
| -rw-r--r-- | CHANGELOG.md | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 6f0492700c5..e524062a2eb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -453,6 +453,13 @@ entry. - Whitelist next project names: help, ci, admin, search. !8227 - Adds back CSS for progress-bars. !8237 +## 8.14.9 (2017-02-14) + +- Patch Asciidocs rendering to block XSS. +- Fix XSS vulnerability in SVG attachments. +- Prevent the GitHub importer from assigning labels and comments to merge requests or issues belonging to other projects. +- Patch XSS vulnerability in RDOC support. + ## 8.14.8 (2017-01-25) - Accept environment variables from the `pre-receive` script. !7967 |