diff options
author | Lin Jen-Shin <godfat@godfat.org> | 2017-05-05 21:20:29 +0800 |
---|---|---|
committer | Lin Jen-Shin <godfat@godfat.org> | 2017-05-05 21:20:29 +0800 |
commit | 6a655bf4f092098113de96da1edc81dfab3963b5 (patch) | |
tree | 63fec103035ce4863a7779685250c967e4dcfa13 | |
parent | 63bd491306f1371b635e809242f630c322b1bf40 (diff) | |
parent | ac1050c2638ed8adaaee14b9f2b9c54a6bbcc82d (diff) | |
download | gitlab-ce-6a655bf4f092098113de96da1edc81dfab3963b5.tar.gz |
Merge remote-tracking branch 'dev/9-1-stable' into 9-1-stable
* dev/9-1-stable:
Update VERSION to 9.1.3
Update CHANGELOG.md for 9.1.3
-rw-r--r-- | CHANGELOG.md | 11 | ||||
-rw-r--r-- | VERSION | 2 | ||||
-rw-r--r-- | changelogs/unreleased/31157-respect-project-features-in-wiki-search.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/branch-name-escape.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/bvl-markup-pipeline.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/bvl-validate-urls-in-markdown-using-uri.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/hamlit-xss-fix.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/rs-sanitize-submodule-urls.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/snippets-finder-visibility.yml | 4 | ||||
-rw-r--r-- | changelogs/unreleased/snippets_visibility.yml | 4 |
10 files changed, 12 insertions, 33 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index ccf42a38219..30ff809cc52 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,17 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 9.1.3 (2017-05-05) + +- Enforce project features when searching blobs and wikis. +- Fixed branches dropdown rendering branch names as HTML. +- Make Asciidoc & other markup go through pipeline to prevent XSS. +- Validate URLs in markdown using URI to detect the host correctly. +- Fix for XSS in project import view caused by Hamlit filter usage. +- Sanitize submodule URLs before linking to them in the file tree view. +- Refactor snippets finder & dont return internal snippets for external users. +- Fix snippets visibility for show action - external users can not see internal snippets. + ## 9.1.2 (2017-05-01) - Add index on ci_runners.contacted_at. !10876 (blackst0ne) @@ -1 +1 @@ -9.1.2 +9.1.3 diff --git a/changelogs/unreleased/31157-respect-project-features-in-wiki-search.yml b/changelogs/unreleased/31157-respect-project-features-in-wiki-search.yml deleted file mode 100644 index 721bb435a2e..00000000000 --- a/changelogs/unreleased/31157-respect-project-features-in-wiki-search.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Enforce project features when searching blobs and wikis -merge_request: -author: diff --git a/changelogs/unreleased/branch-name-escape.yml b/changelogs/unreleased/branch-name-escape.yml deleted file mode 100644 index bf46235fd79..00000000000 --- a/changelogs/unreleased/branch-name-escape.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Fixed branches dropdown rendering branch names as HTML -merge_request: -author: diff --git a/changelogs/unreleased/bvl-markup-pipeline.yml b/changelogs/unreleased/bvl-markup-pipeline.yml deleted file mode 100644 index d73bad03340..00000000000 --- a/changelogs/unreleased/bvl-markup-pipeline.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Make Asciidoc & other markup go through pipeline to prevent XSS -merge_request: -author: diff --git a/changelogs/unreleased/bvl-validate-urls-in-markdown-using-uri.yml b/changelogs/unreleased/bvl-validate-urls-in-markdown-using-uri.yml deleted file mode 100644 index 03c4e531d73..00000000000 --- a/changelogs/unreleased/bvl-validate-urls-in-markdown-using-uri.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Validate URLs in markdown using URI to detect the host correctly -merge_request: -author: diff --git a/changelogs/unreleased/hamlit-xss-fix.yml b/changelogs/unreleased/hamlit-xss-fix.yml deleted file mode 100644 index ba4713846e9..00000000000 --- a/changelogs/unreleased/hamlit-xss-fix.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Fix for XSS in project import view caused by Hamlit filter usage. -merge_request: -author: diff --git a/changelogs/unreleased/rs-sanitize-submodule-urls.yml b/changelogs/unreleased/rs-sanitize-submodule-urls.yml deleted file mode 100644 index 463b3695687..00000000000 --- a/changelogs/unreleased/rs-sanitize-submodule-urls.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Sanitize submodule URLs before linking to them in the file tree view -merge_request: -author: diff --git a/changelogs/unreleased/snippets-finder-visibility.yml b/changelogs/unreleased/snippets-finder-visibility.yml deleted file mode 100644 index fde2262cc8d..00000000000 --- a/changelogs/unreleased/snippets-finder-visibility.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Refactor snippets finder & dont return internal snippets for external users -merge_request: -author: diff --git a/changelogs/unreleased/snippets_visibility.yml b/changelogs/unreleased/snippets_visibility.yml deleted file mode 100644 index 4c10c6882ab..00000000000 --- a/changelogs/unreleased/snippets_visibility.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Fix snippets visibility for show action - external users can not see internal snippets -merge_request: -author: |