summaryrefslogtreecommitdiff
path: root/CHANGELOG.md
diff options
context:
space:
mode:
authorGitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>2019-09-26 22:23:51 +0000
committerGitLab Release Tools Bot <delivery-team+release-tools@gitlab.com>2019-09-26 22:23:51 +0000
commitda27da93b4ece9a44a04fdfb9cc2e3c3443b9576 (patch)
treea78791c2a5adf49cf38cc1c7f84b0774d3a70850 /CHANGELOG.md
parent5707f305f4b961e24369fcdaecf0b8ce1c34bad8 (diff)
downloadgitlab-ce-da27da93b4ece9a44a04fdfb9cc2e3c3443b9576.tar.gz
Update CHANGELOG.md for 12.3.2
[ci skip]
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r--CHANGELOG.md16
1 files changed, 16 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f1a38a2625f..b71039316ba 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,22 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
+## 12.3.2
+
+### Security (10 changes)
+
+- Fix Gitaly SearchBlobs flag RPC injection.
+- Add a policy check for system notes that may not be visible due to cross references to private items.
+- Display only participants that user has permission to see on milestone page.
+- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
+- Fix new project path being disclosed through unsubscribe link of issue/merge requests.
+- Prevent bypassing email verification using Salesforce.
+- Do not show resource label events referencing not accessible labels.
+- Cancel all running CI jobs triggered by the user who is just blocked.
+- Only render fixed number of mermaid blocks.
+- Prevent GitLab accounts takeover if SAML is configured.
+
+
## 12.3.1
### Fixed (4 changes)