Update CHANGELOG.md for 11.7.8

[ci skip]
author: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-03-26 21:45:57 +0000
committer: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-03-26 21:45:57 +0000
commit: 42b8ba805de2b0b05d4f4a72c0737b76a3f95c01 (patch)
tree: 0b62df5abe298b78e10f40f4ca9223fc18a8f66f /CHANGELOG.md
parent: 34a5dac064982ee52135a53aa5d2e341dfb36647 (diff)
download: gitlab-ce-42b8ba805de2b0b05d4f4a72c0737b76a3f95c01.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4a3228c60ed..9f0369a5d79 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -562,6 +562,19 @@ entry.
 - Creates mixin to reduce code duplication between CE and EE in graph component.
 
 
+## 11.7.8 (2019-03-26)
+
+### Security (7 changes)
+
+- Disallow guest users from accessing Releases.
+- Fix PDF.js vulnerability.
+- Hide "related branches" when user does not have permission.
+- Fix XSS in resolve conflicts form.
+- Added rake task for removing EXIF data from existing uploads.
+- Disallow updating namespace when updating a project.
+- Use UntrustedRegexp for matching refs policy.
+
+
 ## 11.7.7 (2019-03-19)
 
 ### Security (2 changes)
author	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-03-26 21:45:57 +0000
committer	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-03-26 21:45:57 +0000
commit	42b8ba805de2b0b05d4f4a72c0737b76a3f95c01 (patch)
tree	0b62df5abe298b78e10f40f4ca9223fc18a8f66f /CHANGELOG.md
parent	34a5dac064982ee52135a53aa5d2e341dfb36647 (diff)
download	gitlab-ce-42b8ba805de2b0b05d4f4a72c0737b76a3f95c01.tar.gz