diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-25 19:25:21 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-25 19:25:21 +0000 |
| commit | 077f013e7e823112a59f609d8554d084bc9087ba (patch) | |
| tree | cb0a2fc685bcc0c383fce620550b7691f341c760 | |
| parent | 9965f47147b062c8d717a4e354ab1c9a4ca01b82 (diff) | |
| download | gitlab-ce-14.7.4.tar.gz | |
Add latest changes from gitlab-org/security/gitlab@14-7-stable-eev14.7.4
| -rw-r--r-- | CHANGELOG.md | 13 | ||||
| -rw-r--r-- | GITALY_SERVER_VERSION | 2 |
2 files changed, 14 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index a29b06eea6e..3d1db342505 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,19 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 14.7.4 (2022-02-25) + +### Security (8 changes) + +- [Limit commands_changes to certain keys](gitlab-org/security/gitlab@59351be8d1d868e31bc849482b266e4047710eeb) ([merge request](gitlab-org/security/gitlab!2226)) +- [Add runners_token prefix to Group and Project](gitlab-org/security/gitlab@74615b7fd5359c4da7f1a3ca9052685e81e1690f) ([merge request](gitlab-org/security/gitlab!2249)) +- [Anonymous user can enumerate all users through GraphQL endpoint](gitlab-org/security/gitlab@e213dfc546020d3f88b40cdfc0f877138b0aaef5) ([merge request](gitlab-org/security/gitlab!2119)) +- [Check for unsafe characters in email addresses before sending](gitlab-org/security/gitlab@395385ffccfd9d25063531ea955b179d9bc4f0c5) ([merge request](gitlab-org/security/gitlab!2207)) +- [Warn when snippet contains unretrievable files](gitlab-org/security/gitlab@dc4b3c00284e17bcbf20ec2ae1ee7e8a7efae9b2) ([merge request](gitlab-org/security/gitlab!2204)) +- [Prevent DOS when rendering math markdown](gitlab-org/security/gitlab@f01674f210dee4c803b4850292d16412463b18e3) ([merge request](gitlab-org/security/gitlab!2200)) +- [Check permission when creating members through service](gitlab-org/security/gitlab@4f9b302511ddfaf07af8d08d848252e0c64ff307) ([merge request](gitlab-org/security/gitlab!2210)) +- [Reset password field on page load](gitlab-org/security/gitlab@1a6541462e1ddd58ea9a172fbd3c0b9026760784) ([merge request](gitlab-org/security/gitlab!2193)) + ## 14.7.3 (2022-02-15) ### Fixed (2 changes) diff --git a/GITALY_SERVER_VERSION b/GITALY_SERVER_VERSION index 1f4bff5c623..45bfbe72f7a 100644 --- a/GITALY_SERVER_VERSION +++ b/GITALY_SERVER_VERSION @@ -1 +1 @@ -14.7.3
\ No newline at end of file +14.7.4
\ No newline at end of file |