diff options
author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2020-01-02 15:05:23 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2020-01-02 15:05:23 +0000 |
commit | b14570651a54203afba2cfd5c764598946a01044 (patch) | |
tree | b15be3be56d63e11ccaf2761de33a62d5926a5a2 | |
parent | 02434d0c9263461c6ee6b5d9f1a4b9c69db9db34 (diff) | |
download | gitlab-ce-b14570651a54203afba2cfd5c764598946a01044.tar.gz |
Update CHANGELOG.md for 12.5.6
[ci skip]
6 files changed, 11 insertions, 25 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 8b104d77bb4..84c1c389784 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,17 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 12.5.6 + +### Security (5 changes) + +- GraphQL: Add timeout to all queries. +- Return only runners from groups where user is owner for user CI owned runners. +- Filter out notification settings for projects that a user does not have at least read access. +- Hide project name and path when unsusbcribing from an issue or merge request. +- Fix 500 error caused by invalid byte sequences in uploads links. + + ## 12.5.5 ### Security (1 change) diff --git a/changelogs/unreleased/security-11-graphql-timeout-12-5.yml b/changelogs/unreleased/security-11-graphql-timeout-12-5.yml deleted file mode 100644 index 1d06aaced9d..00000000000 --- a/changelogs/unreleased/security-11-graphql-timeout-12-5.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: 'GraphQL: Add timeout to all queries' -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-12-5-mc-api-runner-owner-permissions.yml b/changelogs/unreleased/security-12-5-mc-api-runner-owner-permissions.yml deleted file mode 100644 index 2f23dbf7b9f..00000000000 --- a/changelogs/unreleased/security-12-5-mc-api-runner-owner-permissions.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Return only runners from groups where user is owner for user CI owned runners. -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-29983-private-project-name-exposed.yml b/changelogs/unreleased/security-29983-private-project-name-exposed.yml deleted file mode 100644 index 2cae417ec1d..00000000000 --- a/changelogs/unreleased/security-29983-private-project-name-exposed.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Filter out notification settings for projects that a user does not have at least read access -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-34072-project-name-disclosed.yml b/changelogs/unreleased/security-34072-project-name-disclosed.yml deleted file mode 100644 index f14c7728273..00000000000 --- a/changelogs/unreleased/security-34072-project-name-disclosed.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Hide project name and path when unsusbcribing from an issue or merge request -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-fix-invalid-byte-sequence-upload-links-master.yml b/changelogs/unreleased/security-fix-invalid-byte-sequence-upload-links-master.yml deleted file mode 100644 index afe48b448b0..00000000000 --- a/changelogs/unreleased/security-fix-invalid-byte-sequence-upload-links-master.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix 500 error caused by invalid byte sequences in uploads links -merge_request: -author: -type: security |