Update CHANGELOG.md for 11.9.3

[ci skip]
author: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-03-27 16:08:58 +0000
committer: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-03-27 16:08:58 +0000
commit: c29a92fc31acaefcc60abf1c9354d148ffc6985c (patch)
tree: 2705d16d086673280d418bc8d1c82ebdd9f9972a /CHANGELOG.md
parent: 42b8ba805de2b0b05d4f4a72c0737b76a3f95c01 (diff)
download: gitlab-ce-c29a92fc31acaefcc60abf1c9354d148ffc6985c.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9f0369a5d79..a8e48dee42e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,20 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 11.9.3 (2019-03-27)
+
+### Security (8 changes)
+
+- Disallow guest users from accessing Releases.
+- Fix PDF.js vulnerability.
+- Hide "related branches" when user does not have permission.
+- Fix XSS in resolve conflicts form.
+- Added rake task for removing EXIF data from existing uploads.
+- Return cached languages if they've been detected before.
+- Disallow updating namespace when updating a project.
+- Use UntrustedRegexp for matching refs policy.
+
+
 ## 11.9.2 (2019-03-26)
 
 ### Security (8 changes)
author	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-03-27 16:08:58 +0000
committer	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-03-27 16:08:58 +0000
commit	c29a92fc31acaefcc60abf1c9354d148ffc6985c (patch)
tree	2705d16d086673280d418bc8d1c82ebdd9f9972a /CHANGELOG.md
parent	42b8ba805de2b0b05d4f4a72c0737b76a3f95c01 (diff)
download	gitlab-ce-c29a92fc31acaefcc60abf1c9354d148ffc6985c.tar.gz