diff options
| author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-09-26 15:09:18 +0000 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-09-26 15:09:18 +0000 |
| commit | e72e9c1d58eef6e6d0ab9d681513f55aa575e8c8 (patch) | |
| tree | aceed24399325870f13f1d6ff0621ec6e0ce520e /CHANGELOG.md | |
| parent | 85f66f379957507a986927bd494000faf00f97fd (diff) | |
| download | gitlab-ce-e72e9c1d58eef6e6d0ab9d681513f55aa575e8c8.tar.gz | |
Update CHANGELOG.md for 11.2.4
[ci skip]
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index e514a42108c..609de42383a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -249,6 +249,18 @@ entry. - Creates Vue component for artifacts block on job page. +## 11.2.4 (2018-09-26) + +### Security (6 changes) + +- Redact confidential events in the API. +- Set timeout for syntax highlighting. +- Sanitize JSON data properly to fix XSS on Issue details page. +- Fix stored XSS in merge requests from imported repository. +- Fix xss vulnerability sourced from package.json. +- Block loopback addresses in UrlBlocker. + + ## 11.2.3 (2018-08-28) ### Fixed (1 change) |