diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-25 18:04:08 +0000 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-25 18:04:08 +0000 |
commit | dbe70751461eea0eca5e185b0749f59665c7b3fa (patch) | |
tree | e36d6f7b153dcb88a855fd9096e1c8686c13619a | |
parent | 69285c21c375240a290722a42befee788fa72f57 (diff) | |
download | gitlab-ce-dbe70751461eea0eca5e185b0749f59665c7b3fa.tar.gz |
Update CHANGELOG.md for 11.10.2
[ci skip]
-rw-r--r-- | CHANGELOG.md | 10 | ||||
-rw-r--r-- | changelogs/unreleased/security-id-email-xss.yml | 5 | ||||
-rw-r--r-- | changelogs/unreleased/security-issue_2830.yml | 5 | ||||
-rw-r--r-- | changelogs/unreleased/security-pb-email-watchers-no-access.yml | 5 |
4 files changed, 10 insertions, 15 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index bd4c0e479cc..5ace47828db 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.10.2 (2019-04-25) + +### Security (4 changes) + +- Loosen regex for exception sanitization. !3076 +- Resolve: moving an issue to private repo leaks namespace and project name. +- Escape path in new merge request mail. +- Stop sending emails to users who can't read commit. + + ## 11.10.1 (2019-04-23) ### Fixed (2 changes) diff --git a/changelogs/unreleased/security-id-email-xss.yml b/changelogs/unreleased/security-id-email-xss.yml deleted file mode 100644 index 36c00a70c6a..00000000000 --- a/changelogs/unreleased/security-id-email-xss.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Escape path in new merge request mail -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-issue_2830.yml b/changelogs/unreleased/security-issue_2830.yml deleted file mode 100644 index 244e105f7d4..00000000000 --- a/changelogs/unreleased/security-issue_2830.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: 'Resolve: moving an issue to private repo leaks namespace and project name' -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-pb-email-watchers-no-access.yml b/changelogs/unreleased/security-pb-email-watchers-no-access.yml deleted file mode 100644 index cc64ef1352f..00000000000 --- a/changelogs/unreleased/security-pb-email-watchers-no-access.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Stop sending emails to users who can't read commit -merge_request: -author: -type: security |