summaryrefslogtreecommitdiff
path: root/CHANGELOG.md
diff options
context:
space:
mode:
authorGitLab Release Tools Bot <robert+release-tools@gitlab.com>2018-09-26 15:11:04 +0000
committerGitLab Release Tools Bot <robert+release-tools@gitlab.com>2018-09-26 15:11:04 +0000
commit729e1d13297039780b8f3aedc1b4617ce33785fd (patch)
tree521fddecd773c0511e6c738f976638ed5c2b0823 /CHANGELOG.md
parente72e9c1d58eef6e6d0ab9d681513f55aa575e8c8 (diff)
downloadgitlab-ce-729e1d13297039780b8f3aedc1b4617ce33785fd.tar.gz
Update CHANGELOG.md for 11.1.7
[ci skip]
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r--CHANGELOG.md12
1 files changed, 12 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 609de42383a..407ca3fea57 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -528,6 +528,18 @@ entry.
- Moves help_popover component to a common location.
+## 11.1.7 (2018-09-26)
+
+### Security (6 changes)
+
+- Redact confidential events in the API.
+- Set timeout for syntax highlighting.
+- Sanitize JSON data properly to fix XSS on Issue details page.
+- Fix stored XSS in merge requests from imported repository.
+- Fix xss vulnerability sourced from package.json.
+- Block loopback addresses in UrlBlocker.
+
+
## 11.1.6 (2018-08-28)
### Fixed (1 change)