summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>2019-11-26 16:12:06 +0000
committerGitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>2019-11-26 16:12:06 +0000
commit0994af9283ed8bcdabd3fb16d45ae8d21dd98b66 (patch)
treedc9b8338357932d5b4bf3598e52abf70e603394b
parent1bc5f5c4a35e186c94c7b1efecec9425661cbff6 (diff)
downloadgitlab-ce-0994af9283ed8bcdabd3fb16d45ae8d21dd98b66.tar.gz
Update CHANGELOG.md for 12.5.1
[ci skip]
Diffstat
-rw-r--r--CHANGELOG.md14
-rw-r--r--changelogs/unreleased/security-28802-respect-fork-parent-visibility-ee.yml5
-rw-r--r--changelogs/unreleased/security-2943-encrypt-plaintext-tokens.yml5
-rw-r--r--changelogs/unreleased/security-29660-update-dependencies.yml5
-rw-r--r--changelogs/unreleased/security-ag-cycle-analytics-guest-permissions.yml5
-rw-r--r--changelogs/unreleased/security-dns-rebind-ssrf-in-slack-notifications.yml5
-rw-r--r--changelogs/unreleased/security-exclude_ids_attribute_cleaning.yml5
-rw-r--r--changelogs/unreleased/security-filter-related-branches-from-activity-feed.yml6
-rw-r--r--changelogs/unreleased/security-fix-xss-in-label-namespace.yml5
9 files changed, 14 insertions, 41 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index a4efa33eed7..59fb71c3245 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,20 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
+## 12.5.1
+
+### Security (8 changes)
+
+- Check permissions before showing a forked project's source.
+- Encrypt application setting tokens.
+- Update Workhorse and Gitaly to fix a security issue.
+- Hide commit counts from guest users in Cycle Analytics.
+- Limit potential for DNS rebind SSRF in chat notifications.
+- Ensure are cleaned by ImportExport::AttributeCleaner.
+- Remove notes regarding Related Branches from Issue activity feeds for guest users.
+- Escape namespace in label references to prevent XSS.
+
+
## 12.5.0
### Security (15 changes)
diff --git a/changelogs/unreleased/security-28802-respect-fork-parent-visibility-ee.yml b/changelogs/unreleased/security-28802-respect-fork-parent-visibility-ee.yml
deleted file mode 100644
index 8872b73a0cc..00000000000
--- a/changelogs/unreleased/security-28802-respect-fork-parent-visibility-ee.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Check permissions before showing a forked project's source
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-2943-encrypt-plaintext-tokens.yml b/changelogs/unreleased/security-2943-encrypt-plaintext-tokens.yml
deleted file mode 100644
index d040565da73..00000000000
--- a/changelogs/unreleased/security-2943-encrypt-plaintext-tokens.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Encrypt application setting tokens
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-29660-update-dependencies.yml b/changelogs/unreleased/security-29660-update-dependencies.yml
deleted file mode 100644
index 283d951e69e..00000000000
--- a/changelogs/unreleased/security-29660-update-dependencies.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update Workhorse and Gitaly to fix a security issue
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-ag-cycle-analytics-guest-permissions.yml b/changelogs/unreleased/security-ag-cycle-analytics-guest-permissions.yml
deleted file mode 100644
index c7a3b8923cd..00000000000
--- a/changelogs/unreleased/security-ag-cycle-analytics-guest-permissions.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Hide commit counts from guest users in Cycle Analytics.
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-dns-rebind-ssrf-in-slack-notifications.yml b/changelogs/unreleased/security-dns-rebind-ssrf-in-slack-notifications.yml
deleted file mode 100644
index 5f9713ef844..00000000000
--- a/changelogs/unreleased/security-dns-rebind-ssrf-in-slack-notifications.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Limit potential for DNS rebind SSRF in chat notifications
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-exclude_ids_attribute_cleaning.yml b/changelogs/unreleased/security-exclude_ids_attribute_cleaning.yml
deleted file mode 100644
index 08fc1393f20..00000000000
--- a/changelogs/unreleased/security-exclude_ids_attribute_cleaning.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Ensure are cleaned by ImportExport::AttributeCleaner
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-filter-related-branches-from-activity-feed.yml b/changelogs/unreleased/security-filter-related-branches-from-activity-feed.yml
deleted file mode 100644
index 78d87ef37a5..00000000000
--- a/changelogs/unreleased/security-filter-related-branches-from-activity-feed.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Remove notes regarding Related Branches from Issue activity feeds for guest
- users
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-fix-xss-in-label-namespace.yml b/changelogs/unreleased/security-fix-xss-in-label-namespace.yml
deleted file mode 100644
index 342cf3e68cb..00000000000
--- a/changelogs/unreleased/security-fix-xss-in-label-namespace.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Escape namespace in label references to prevent XSS
-merge_request:
-author:
-type: security
View Lorry Controller Status