diff options
author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2019-09-26 22:36:05 +0000 |
---|---|---|
committer | Yorick Peterse <yorick@yorickpeterse.com> | 2019-09-30 14:22:04 +0200 |
commit | 1141cdbf81f91f372a78286309c55020780a8504 (patch) | |
tree | b864f0ce235075dddb31620232f32c2d55038ad3 /CHANGELOG.md | |
parent | 08558766230953a8c0f5ea65d3d053ea17417a82 (diff) | |
download | gitlab-ce-1141cdbf81f91f372a78286309c55020780a8504.tar.gz |
Update CHANGELOG.md for 12.2.6
[ci skip]
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 536826ca9b9..e71ae5e207e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -297,6 +297,22 @@ entry. - Updates tooltip of 'detached' label/state. +## 12.2.6 + +### Security (10 changes) + +- Add a policy check for system notes that may not be visible due to cross references to private items. +- Display only participants that user has permission to see on milestone page. +- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings. +- Fix new project path being disclosed through unsubscribe link of issue/merge requests. +- Prevent bypassing email verification using Salesforce. +- Do not show resource label events referencing not accessible labels. +- Cancel all running CI jobs triggered by the user who is just blocked. +- Fix Gitaly SearchBlobs flag RPC injection [Gitaly v1.59.3]. +- Only render fixed number of mermaid blocks. +- Prevent GitLab accounts takeover if SAML is configured. + + ## 12.2.5 ### Security (1 change) |