diff options
| author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2020-04-30 14:14:19 +0000 |
|---|---|---|
| committer | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2020-04-30 14:14:19 +0000 |
| commit | 4a650a2b4ea11e3bbe9020ac7de1da5e718ce1d0 (patch) | |
| tree | 436e77c4bee3f31317f454634c98e04fbda55daa /CHANGELOG.md | |
| parent | 20444f9b5a10337392306102165d45fe2b24a662 (diff) | |
| download | gitlab-ce-4a650a2b4ea11e3bbe9020ac7de1da5e718ce1d0.tar.gz | |
Update CHANGELOG.md for 12.10.2
[ci skip]
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 48a55ff660d..223fadfba69 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,20 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 12.10.2 (2020-04-30) + +### Security (8 changes) + +- Ensure MR diff exists before codeowner check. +- Apply CODEOWNERS validations to web requests. +- Prevent unauthorized access to default branch. +- Do not return private project ID without permission. +- Fix doorkeeper CVE-2020-10187. +- Change GitHub service integration token input to password. +- Return only safe urls for mirrors. +- Validate workhorse 'rewritten_fields' and properly use them during multipart uploads. + + ## 12.10.1 (2020-04-24) ### Fixed (5 changes) |