diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-03-26 21:38:48 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-03-26 21:38:48 +0000 |
commit | faab4d4b997d892c917e288d5a91f5444d51a49a (patch) | |
tree | 0f79098d1e6bb96a4b5d092e8aca53147e9a20d1 | |
parent | 78c90cd946361f55f2df0d25e7bb783e4b514495 (diff) | |
download | gitlab-ce-faab4d4b997d892c917e288d5a91f5444d51a49a.tar.gz |
Update CHANGELOG.md for 11.9.2
[ci skip]
9 files changed, 14 insertions, 40 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index ca52a3a7444..6a97044779c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.9.2 (2019-03-26) + +### Security (8 changes) + +- Disallow guest users from accessing Releases. +- Fix PDF.js vulnerability. +- Hide "related branches" when user does not have permission. +- Fix XSS in resolve conflicts form. +- Added rake task for removing EXIF data from existing uploads. +- Return cached languages if they've been detected before. +- Disallow updating namespace when updating a project. +- Use UntrustedRegexp for matching refs policy. + + ## 11.9.1 (2019-03-25) ### Fixed (7 changes) diff --git a/changelogs/unreleased/disallow-guests-to-access-releases.yml b/changelogs/unreleased/disallow-guests-to-access-releases.yml deleted file mode 100644 index f2d518108d2..00000000000 --- a/changelogs/unreleased/disallow-guests-to-access-releases.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Disallow guest users from accessing Releases -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-55503-fix-pdf-js-vulnerability.yml b/changelogs/unreleased/security-55503-fix-pdf-js-vulnerability.yml deleted file mode 100644 index e5d0cd4fee1..00000000000 --- a/changelogs/unreleased/security-55503-fix-pdf-js-vulnerability.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix PDF.js vulnerability -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-56224.yml b/changelogs/unreleased/security-56224.yml deleted file mode 100644 index a4e274e6ca5..00000000000 --- a/changelogs/unreleased/security-56224.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Hide "related branches" when user does not have permission -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-56927-xss-resolve-conflicts-branch-name.yml b/changelogs/unreleased/security-56927-xss-resolve-conflicts-branch-name.yml deleted file mode 100644 index f92d2c0dcb1..00000000000 --- a/changelogs/unreleased/security-56927-xss-resolve-conflicts-branch-name.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix XSS in resolve conflicts form -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-exif-migration.yml b/changelogs/unreleased/security-exif-migration.yml deleted file mode 100644 index cc529099df5..00000000000 --- a/changelogs/unreleased/security-exif-migration.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Added rake task for removing EXIF data from existing uploads. -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-id-potential-denial-languages.yml b/changelogs/unreleased/security-id-potential-denial-languages.yml deleted file mode 100644 index 2194ecb97dc..00000000000 --- a/changelogs/unreleased/security-id-potential-denial-languages.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Return cached languages if they've been detected before -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-mass-assignment-on-project-update.yml b/changelogs/unreleased/security-mass-assignment-on-project-update.yml deleted file mode 100644 index 93561cd91b3..00000000000 --- a/changelogs/unreleased/security-mass-assignment-on-project-update.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Disallow updating namespace when updating a project -merge_request: -author: -type: security diff --git a/changelogs/unreleased/use-untrusted-regexp.yml b/changelogs/unreleased/use-untrusted-regexp.yml deleted file mode 100644 index dd7f1bcaca1..00000000000 --- a/changelogs/unreleased/use-untrusted-regexp.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Use UntrustedRegexp for matching refs policy -merge_request: -author: -type: security |