diff options
| author | Luke Bennett <lukeeeebennettplus@gmail.com> | 2018-02-05 13:37:15 +0000 |
|---|---|---|
| committer | Luke Bennett <lukeeeebennettplus@gmail.com> | 2018-02-05 13:37:15 +0000 |
| commit | 51840698678d15c53fff9c29cb083045305486a1 (patch) | |
| tree | b63d52e9eff1d01c5f9efe52bdc217ad0559a0be | |
| parent | bd6a7eef6d3c399f9608299b865dc797171fcd04 (diff) | |
| download | gitlab-ce-51840698678d15c53fff9c29cb083045305486a1.tar.gz | |
Update CHANGELOG.md for 10.4.3
[ci skip]
5 files changed, 10 insertions, 20 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 6f6a1234219..92a4be90071 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 10.4.3 (2018-02-05) + +### Security (4 changes) + +- Fix namespace access issue for GitHub, BitBucket, and GitLab.com project importers. +- Fix stored XSS in code blocks that ignore highlighting. +- Fix wilcard protected tags protecting all branches. +- Restrict Todo API mark_as_done endpoint to the user's todos only. + + ## 10.4.2 (2018-01-30) ### Fixed (6 changes) diff --git a/changelogs/unreleased/fix-gh-namespace-issue.yml b/changelogs/unreleased/fix-gh-namespace-issue.yml deleted file mode 100644 index 2db7abb9d58..00000000000 --- a/changelogs/unreleased/fix-gh-namespace-issue.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix namespace access issue for GitHub, BitBucket, and GitLab.com project importers -merge_request: -author: -type: security diff --git a/changelogs/unreleased/fix-stored-xss-in-code-blocks.yml b/changelogs/unreleased/fix-stored-xss-in-code-blocks.yml deleted file mode 100644 index b595459ee6b..00000000000 --- a/changelogs/unreleased/fix-stored-xss-in-code-blocks.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix stored XSS in code blocks that ignore highlighting -merge_request: -author: -type: security diff --git a/changelogs/unreleased/mc-bug-38984-wildcard-protected-tags.yml b/changelogs/unreleased/mc-bug-38984-wildcard-protected-tags.yml deleted file mode 100644 index 27219b096af..00000000000 --- a/changelogs/unreleased/mc-bug-38984-wildcard-protected-tags.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix wilcard protected tags protecting all branches -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-10-4-todo-api-reveals-sensitive-information.yml b/changelogs/unreleased/security-10-4-todo-api-reveals-sensitive-information.yml deleted file mode 100644 index 329825d1e73..00000000000 --- a/changelogs/unreleased/security-10-4-todo-api-reveals-sensitive-information.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Restrict Todo API mark_as_done endpoint to the user's todos only -merge_request: -author: -type: security |