diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-11 08:13:15 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-11 08:13:15 +0000 |
commit | 9fb9cbf50c31dc9d99fe3d6fd04782fbfc4216c0 (patch) | |
tree | 2e828365b8c7efe281d7fc25aa89f01a694140e1 /CHANGELOG.md | |
parent | 2bfe9c05cc1032f9daa253e7b2d507bd215e00b9 (diff) | |
download | gitlab-ce-9fb9cbf50c31dc9d99fe3d6fd04782fbfc4216c0.tar.gz |
Add latest changes from gitlab-org/security/gitlab@13-8-stable-eev13.8.4
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index cf92f4b7651..46776b926c1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 13.8.4 (2021-02-11) + +### Security (9 changes) + +- Cancel running and pending jobs when a project is deleted. !1220 +- Prevent Denial of Service Attack on gitlab-shell. +- Prevent exposure of confidential issue titles in file browser. +- Updates authorization for linting API. +- Check user access on API merge request read actions. +- Limit daily invitations to groups and projects. +- Enforce the analytics enabled project setting for project-level analytics features. +- Perform SSL verification for FortiTokenCloud Integration. +- Prevent Server-side Request Forgery for Prometheus when secured by Google IAP. + + ## 13.8.3 (2021-02-05) ### Fixed (2 changes) |