diff options
| author | Michael Kozono <mkozono@gmail.com> | 2017-12-18 17:55:44 +0000 |
|---|---|---|
| committer | Michael Kozono <mkozono@gmail.com> | 2017-12-18 17:55:44 +0000 |
| commit | 935d26f23d5243da55c424129557397eee01e041 (patch) | |
| tree | 617446e60cf74f95b338d309f3bb7056e3490163 | |
| parent | c887c03aaa7079c56c6451a4c6037ca5f99c99fc (diff) | |
| parent | 1da07b6fa414bb0d7a41bed92e6f68646fad0028 (diff) | |
| download | gitlab-ce-935d26f23d5243da55c424129557397eee01e041.tar.gz | |
Merge branch 'winh-10-1-changelog-entries-docs' into '10-1-stable'
Add changelog entries for 10.1.5
See merge request gitlab-org/gitlab-ce!15908
| -rw-r--r-- | CHANGELOG.md | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index ae31c6e3346..a2015f42a10 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 10.1.5 (2017-12-07) + +### Security (5 changes) + +- Fix e-mail address disclosure through member search fields +- Prevent creating issues through API when user does not have permissions +- Prevent an information disclosure in the Groups API +- Fix user without access to private Wiki being able to see it on the project page +- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment + ## 10.1.4 (2017-11-14) ### Fixed (4 changes) @@ -250,6 +260,30 @@ entry. - creation of keys moved to services. !13331 (haseebeqx) - Add username as GL_USERNAME in hooks. +## 10.0.5 (2017-11-03) + +- [FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258 +- [FIXED] Fix `rake gitlab:incoming_email:check` and make it report the actual error. !14423 +- [FIXED] Does not check if an invariant hashed storage path exists on disk when renaming projects. !14428 +- [FIXED] Fix bottom spacing for dropdowns that open upwards. !14535 +- [FIXED] Fix the project import with issues and milestones. !14657 +- [FIXED] Fix broken Y-axis scaling in some Prometheus graphs. !14693 +- [FIXED] Fixed duplicate notifications when added multiple labels on an issue. !14798 +- [FIXED] Don't rename paths that were freed up when upgrading. !15029 +- [FIXED] Fixed issue/merge request breadcrumb titles not having links. +- [FIXED] Fix application setting to cache nil object. +- [FIXED] Fix missing Import/Export issue assignees. +- [FIXED] Allow boards as top level route. +- [FIXED] Fixed milestone breadcrumb links. +- [FIXED] Fixed merge request widget merged & closed date tooltip text. +- [FIXED] fix merge request widget status icon for failed CI. + +## 10.0.4 (2017-10-16) + +- [SECURITY] Move project repositories between namespaces when renaming users. +- [SECURITY] Prevent an open redirect on project pages. +- [SECURITY] Prevent a persistent XSS in user-provided markup. + ## 10.0.3 (2017-10-05) - [FIXED] find_user Users helper method no longer overrides find_user API helper method. !14418 |