summaryrefslogtreecommitdiff
path: root/CHANGELOG.md
diff options
context:
space:
mode:
authorGitLab Release Tools Bot <robert+release-tools@gitlab.com>2018-09-26 16:14:07 +0000
committerGitLab Release Tools Bot <robert+release-tools@gitlab.com>2018-09-26 16:14:07 +0000
commite5d3a75aac4f0bb287699b21f3a56b8bfe499665 (patch)
treeace8ab35adff8f87e547b15fb3842eb4c9c9bcc4 /CHANGELOG.md
parent729e1d13297039780b8f3aedc1b4617ce33785fd (diff)
downloadgitlab-ce-e5d3a75aac4f0bb287699b21f3a56b8bfe499665.tar.gz
Update CHANGELOG.md for 11.3.1
[ci skip]
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r--CHANGELOG.md12
1 files changed, 12 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 407ca3fea57..c9ab8599d99 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,18 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
+## 11.3.1 (2018-09-26)
+
+### Security (6 changes)
+
+- Redact confidential events in the API.
+- Set timeout for syntax highlighting.
+- Sanitize JSON data properly to fix XSS on Issue details page.
+- Fix stored XSS in merge requests from imported repository.
+- Fix xss vulnerability sourced from package.json.
+- Block loopback addresses in UrlBlocker.
+
+
## 11.3.0 (2018-09-22)
### Security (5 changes, 1 of them is from the community)