diff options
author | Luke Bennett <lukeeeebennettplus@gmail.com> | 2018-02-05 13:47:44 +0000 |
---|---|---|
committer | Luke Bennett <lukeeeebennettplus@gmail.com> | 2018-02-05 13:47:44 +0000 |
commit | c0ad151c3f953615abe0b452193d5fee1bb13024 (patch) | |
tree | d79830620fb527814937dc213ff135e169a1883a | |
parent | eaec5ce9e7489b158b8181bb8b8e9c9bf7104ab7 (diff) | |
download | gitlab-ce-c0ad151c3f953615abe0b452193d5fee1bb13024.tar.gz |
Update CHANGELOG.md for 10.3.7
[ci skip]
5 files changed, 10 insertions, 20 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index a9e979ba204..aa64973207c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 10.3.7 (2018-02-05) + +### Security (4 changes) + +- Fix namespace access issue for GitHub, BitBucket, and GitLab.com project importers. +- Fix stored XSS in code blocks that ignore highlighting. +- Fix wilcard protected tags protecting all branches. +- Restrict Todo API mark_as_done endpoint to the user's todos only. + + ## 10.3.6 (2018-01-22) ### Fixed (17 changes, 2 of them are from the community) diff --git a/changelogs/unreleased/fix-gh-namespace-issue.yml b/changelogs/unreleased/fix-gh-namespace-issue.yml deleted file mode 100644 index 2db7abb9d58..00000000000 --- a/changelogs/unreleased/fix-gh-namespace-issue.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix namespace access issue for GitHub, BitBucket, and GitLab.com project importers -merge_request: -author: -type: security diff --git a/changelogs/unreleased/fix-stored-xss-in-code-blocks.yml b/changelogs/unreleased/fix-stored-xss-in-code-blocks.yml deleted file mode 100644 index b595459ee6b..00000000000 --- a/changelogs/unreleased/fix-stored-xss-in-code-blocks.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix stored XSS in code blocks that ignore highlighting -merge_request: -author: -type: security diff --git a/changelogs/unreleased/mc-bug-38984-wildcard-protected-tags.yml b/changelogs/unreleased/mc-bug-38984-wildcard-protected-tags.yml deleted file mode 100644 index 27219b096af..00000000000 --- a/changelogs/unreleased/mc-bug-38984-wildcard-protected-tags.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix wilcard protected tags protecting all branches -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-10-4-todo-api-reveals-sensitive-information.yml b/changelogs/unreleased/security-10-4-todo-api-reveals-sensitive-information.yml deleted file mode 100644 index 329825d1e73..00000000000 --- a/changelogs/unreleased/security-10-4-todo-api-reveals-sensitive-information.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Restrict Todo API mark_as_done endpoint to the user's todos only -merge_request: -author: -type: security |