diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-08-27 12:04:46 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-08-27 12:04:46 +0000 |
commit | f280d682c4a44155167dd7e68f09d7d0e7c4f2c5 (patch) | |
tree | 1113b762365d7d8dd00e4c12334cbf99ebbd84b3 | |
parent | 726ee99bd5cde5b912cb560c4524158b880f34b8 (diff) | |
download | gitlab-ce-f280d682c4a44155167dd7e68f09d7d0e7c4f2c5.tar.gz |
Update CHANGELOG.md for 11.0.6
[ci skip]
5 files changed, 13 insertions, 20 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 18ec0e165ab..8ef53fe6349 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,19 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.0.6 (2018-08-27) + +### Security (3 changes) + +- Fixed persistent XSS rendering/escaping of diff location lines. +- Adding CSRF protection to Hooks resend action. +- Block link-local addresses in URLBlocker. + +### Fixed (1 change, 1 of them is from the community) + +- Sanitize git URL in import errors. (Jamie Schembri) + + ## 11.0.5 (2018-07-26) ### Security (4 changes) diff --git a/changelogs/unreleased/49272-sanitize-git-url-in-import-errors.yml b/changelogs/unreleased/49272-sanitize-git-url-in-import-errors.yml deleted file mode 100644 index c757e55f1cd..00000000000 --- a/changelogs/unreleased/49272-sanitize-git-url-in-import-errors.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Sanitize git URL in import errors -merge_request: -author: Jamie Schembri -type: fixed diff --git a/changelogs/unreleased/security-49085-11-2-persistent-xss-rendering.yml b/changelogs/unreleased/security-49085-11-2-persistent-xss-rendering.yml deleted file mode 100644 index dc15d356c1c..00000000000 --- a/changelogs/unreleased/security-49085-11-2-persistent-xss-rendering.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fixed persistent XSS rendering/escaping of diff location lines -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml b/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml deleted file mode 100644 index 018acb9c5af..00000000000 --- a/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Adding CSRF protection to Hooks resend action -merge_request: -author: -type: security diff --git a/changelogs/unreleased/sh-block-link-local-master.yml b/changelogs/unreleased/sh-block-link-local-master.yml deleted file mode 100644 index 0a6017479af..00000000000 --- a/changelogs/unreleased/sh-block-link-local-master.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Block link-local addresses in URLBlocker -merge_request: -author: -type: security |