diff options
| author | Winnie Hellmann <winnie@gitlab.com> | 2017-12-11 16:27:40 +0000 |
|---|---|---|
| committer | LUKE BENNETT <lbennett@gitlab.com> | 2017-12-13 14:16:05 +0000 |
| commit | f229fff4f65e2d69f3bf2b000dfbc54ab8ef12a8 (patch) | |
| tree | 9394698d7b74c722fa9e335ad4d8a603d8382455 | |
| parent | 8c7606138f7f2196d35e343deb95f51c0bfdaaf3 (diff) | |
| download | gitlab-ce-f229fff4f65e2d69f3bf2b000dfbc54ab8ef12a8.tar.gz | |
Merge branch 'winh-merge-dev-docs' into 'master'
Resolve merge conflicts with dev.gitlab.org/master after security release
See merge request gitlab-org/gitlab-ce!15851
(cherry picked from commit d9f40fddb704a60a38a95dd6433ff40ce65d738d)
4f992572 Update CHANGELOG.md for 10.2.4
84b3c215 Update CHANGELOG.md for 10.1.5
fad2a07c Update CHANGELOG.md for 10.0.7
10131bf2 Merge remote-tracking branch 'gitlab-ce/master'
d9453a24 Merge dev.gitlab.org/master into winh-merge-dev
be586388 Make CHANGELOG.md consistent for 10.2.4, 10.1.5, and 10.0.7
| -rw-r--r-- | CHANGELOG.md | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 78f8e457c70..adf097b52f3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,9 +2,9 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. -## 10.2.4 (2017-12-08) +## 10.2.4 (2017-12-07) -### Security (4 changes) +### Security (5 changes) - Fix e-mail address disclosure through member search fields - Prevent creating issues through API when user does not have permissions @@ -248,6 +248,17 @@ entry. - Add Gitaly metrics to the performance bar. +## 10.1.5 (2017-12-07) + +### Security (5 changes) + +- Fix e-mail address disclosure through member search fields +- Prevent creating issues through API when user does not have permissions +- Prevent an information disclosure in the Groups API +- Fix user without access to private Wiki being able to see it on the project page +- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment + + ## 10.1.4 (2017-11-14) ### Fixed (4 changes) @@ -496,6 +507,17 @@ entry. - creation of keys moved to services. !13331 (haseebeqx) - Add username as GL_USERNAME in hooks. +## 10.0.7 (2017-12-07) + +### Security (5 changes) + +- Fix e-mail address disclosure through member search fields +- Prevent creating issues through API when user does not have permissions +- Prevent an information disclosure in the Groups API +- Fix user without access to private Wiki being able to see it on the project page +- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment + + ## 10.0.5 (2017-11-03) - [FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258 |