summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohn T Skarbek <jskarbek@gitlab.com>2019-08-12 16:36:59 -0400
committerJohn T Skarbek <jskarbek@gitlab.com>2019-08-12 16:36:59 -0400
commit975763607443fad50e192411ad1da06ebb2ff532 (patch)
tree6d874a429894f7111cd19b8e421fd0c6d0ac0aac
parent71ec793214dd81701b5485aa10e20c9719cb0584 (diff)
parent5313f99818f6503d490d3efe8afa692aa4c4bd34 (diff)
downloadgitlab-ce-975763607443fad50e192411ad1da06ebb2ff532.tar.gz
Merge remote-tracking branch 'dev/master'
-rw-r--r--CHANGELOG.md20
-rw-r--r--GITLAB_PAGES_VERSION2
2 files changed, 21 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0752708d5e8..267a1caafec 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,14 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
+## 12.1.5
+
+### Security (2 changes)
+
+- Upgrade Gitaly to 1.53.2 to prevent revision flag injection exploits.
+- Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie.
+
+
## 12.1.4
### Fixed (3 changes, 1 of them is from the community)
@@ -330,6 +338,10 @@ entry.
- Removes EE differences for app/views/admin/users/show.html.haml.
+## 12.0.6
+
+- No changes.
+
## 12.0.3 (2019-06-27)
- No changes.
@@ -678,6 +690,14 @@ entry.
- Moves snowplow to CE repo.
+## 11.11.8
+
+### Security (2 changes)
+
+- Upgrade Gitaly to 1.42.7 to prevent revision flag injection exploits.
+- Upgrade pages to 1.5.1 to prevent gitlab api token recovery from cookie.
+
+
## 11.11.7
### Security (9 changes)
diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION
index bd8bf882d06..943f9cbc4ec 100644
--- a/GITLAB_PAGES_VERSION
+++ b/GITLAB_PAGES_VERSION
@@ -1 +1 @@
-1.7.0
+1.7.1