summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGitLab Release Tools Bot <robert+release-tools@gitlab.com>2019-03-26 21:45:57 +0000
committerGitLab Release Tools Bot <robert+release-tools@gitlab.com>2019-03-26 21:45:57 +0000
commit42b8ba805de2b0b05d4f4a72c0737b76a3f95c01 (patch)
tree0b62df5abe298b78e10f40f4ca9223fc18a8f66f
parent34a5dac064982ee52135a53aa5d2e341dfb36647 (diff)
downloadgitlab-ce-42b8ba805de2b0b05d4f4a72c0737b76a3f95c01.tar.gz
Update CHANGELOG.md for 11.7.8
[ci skip]
Diffstat
-rw-r--r--CHANGELOG.md13
1 files changed, 13 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4a3228c60ed..9f0369a5d79 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -562,6 +562,19 @@ entry.
- Creates mixin to reduce code duplication between CE and EE in graph component.
+## 11.7.8 (2019-03-26)
+
+### Security (7 changes)
+
+- Disallow guest users from accessing Releases.
+- Fix PDF.js vulnerability.
+- Hide "related branches" when user does not have permission.
+- Fix XSS in resolve conflicts form.
+- Added rake task for removing EXIF data from existing uploads.
+- Disallow updating namespace when updating a project.
+- Use UntrustedRegexp for matching refs policy.
+
+
## 11.7.7 (2019-03-19)
### Security (2 changes)
View Lorry Controller Status