diff options
| author | Stan Hu <stanhu@gmail.com> | 2017-11-09 21:23:56 +0000 |
|---|---|---|
| committer | Stan Hu <stanhu@gmail.com> | 2017-11-09 21:23:56 +0000 |
| commit | 304ceb144cca36dbcefcfb508b0dac220f76c9e1 (patch) | |
| tree | 9ea88e9298314019926b13e1457a4d90346294d8 | |
| parent | 551c708ce8bbcd98c72c2b86cdcc8006a588215d (diff) | |
| parent | 29238cfaabf8f0fe83ddbbf83a5885df4a491b38 (diff) | |
| download | gitlab-ce-304ceb144cca36dbcefcfb508b0dac220f76c9e1.tar.gz | |
Merge branch 'mk-add-security-fixes-to-changelog-master' into 'master'
Add 10.1.2 security fixes to CHANGELOG on master
See merge request gitlab-org/gitlab-ce!15305
| -rw-r--r-- | CHANGELOG.md | 6 | ||||
| -rw-r--r-- | changelogs/unreleased/fix-mysql-grant-check.yml | 5 |
2 files changed, 6 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 2f13eca2caf..2482f0124bd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,12 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 10.1.2 (2017-11-08) + +- [SECURITY] Add X-Content-Type-Options header in API responses to make it more difficult to find other vulnerabilities. +- [SECURITY] Properly translate IP addresses written in decimal, octal, or other formats in SSRF protections in project imports. +- [FIXED] Fix TRIGGER checks for MySQL. + ## 10.1.1 (2017-10-31) - [FIXED] Auto Devops kubernetes default namespace is now correctly built out of gitlab project group-name. !14642 (Mircea Danila Dumitrescu) diff --git a/changelogs/unreleased/fix-mysql-grant-check.yml b/changelogs/unreleased/fix-mysql-grant-check.yml deleted file mode 100644 index a1c1aa67d79..00000000000 --- a/changelogs/unreleased/fix-mysql-grant-check.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix TRIGGER checks for MySQL -merge_request: -author: -type: fixed |