Add latest changes from gitlab-org/security/gitlab@13-8-stable-eev13.8.2

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-02-01 15:10:25 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-02-01 15:10:25 +0000
commit: 643958d42f2c8a43c6f479e13c7dea267de8f638 (patch)
tree: 0ec5963187ed6751b79d8d1e54c1f36f89c13f26 /CHANGELOG.md
parent: 85b355c3e92a58d9ba7ae0ff3f67f8a6348da7c7 (diff)
download: gitlab-ce-643958d42f2c8a43c6f479e13c7dea267de8f638.tar.gz
1 files changed, 11 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b1ca8236840..72177fdb5d4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,17 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 13.8.2 (2021-02-01)
+
+### Security (5 changes)
+
+- Filter sensitive GraphQL variables from logs.
+- Avoid exposing release links when the user cannot read git-tag/repository.
+- Sanitize target branch on MR page.
+- Fix DNS rebinding protection bypass when allowing an IP address in Outbound Requests setting.
+- Add routes for unmatched url for not-get requests.
+
+
 ## 13.8.1 (2021-01-26)
 
 ### Fixed (3 changes)
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-02-01 15:10:25 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-02-01 15:10:25 +0000
commit	643958d42f2c8a43c6f479e13c7dea267de8f638 (patch)
tree	0ec5963187ed6751b79d8d1e54c1f36f89c13f26 /CHANGELOG.md
parent	85b355c3e92a58d9ba7ae0ff3f67f8a6348da7c7 (diff)
download	gitlab-ce-643958d42f2c8a43c6f479e13c7dea267de8f638.tar.gz