summaryrefslogtreecommitdiff
path: root/CHANGELOG.md
diff options
context:
space:
mode:
authorStan Hu <stanhu@gmail.com>2019-09-30 13:11:17 -0700
committerStan Hu <stanhu@gmail.com>2019-09-30 13:11:17 -0700
commit4542a994b116a19e7d9285d873dbe9bda8eb2d06 (patch)
tree92a45863599e32fbeb17b8f042823c8a6ba51339 /CHANGELOG.md
parent38c4c867f6b7ccf4064772e82ee7b09f91c55310 (diff)
parentb4cdff15ca53312ccbbafe4effac85b1ee4420ae (diff)
downloadgitlab-ce-4542a994b116a19e7d9285d873dbe9bda8eb2d06.tar.gz
Merge branch 'master' into dev-master
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r--CHANGELOG.md17
1 files changed, 14 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 68c0f0e6255..65058d746c5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,16 +4,18 @@ entry.
## 12.3.2
-### Security (10 changes)
+### Security (12 changes)
- Fix Gitaly SearchBlobs flag RPC injection.
- Add a policy check for system notes that may not be visible due to cross references to private items.
- Display only participants that user has permission to see on milestone page.
- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
+- Check permissions before showing head pipeline blocking merge requests.
- Fix new project path being disclosed through unsubscribe link of issue/merge requests.
- Prevent bypassing email verification using Salesforce.
- Do not show resource label events referencing not accessible labels.
- Cancel all running CI jobs triggered by the user who is just blocked.
+- Fix Gitaly SearchBlobs flag RPC injection.
- Only render fixed number of mermaid blocks.
- Prevent GitLab accounts takeover if SAML is configured.
@@ -299,11 +301,12 @@ entry.
## 12.2.6
-### Security (10 changes)
+### Security (11 changes)
- Add a policy check for system notes that may not be visible due to cross references to private items.
- Display only participants that user has permission to see on milestone page.
- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
+- Check permissions before showing head pipeline blocking merge requests.
- Fix new project path being disclosed through unsubscribe link of issue/merge requests.
- Prevent bypassing email verification using Salesforce.
- Do not show resource label events referencing not accessible labels.
@@ -633,11 +636,19 @@ entry.
## 12.1.12
+<<<<<<< HEAD
### Security (11 changes)
+=======
+### Security (12 changes)
+>>>>>>> master
- Add a policy check for system notes that may not be visible due to cross references to private items.
- Display only participants that user has permission to see on milestone page.
- Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
+<<<<<<< HEAD
+=======
+- Check permissions before showing head pipeline blocking merge requests.
+>>>>>>> master
- Fix new project path being disclosed through unsubscribe link of issue/merge requests.
- Prevent bypassing email verification using Salesforce.
- Do not show resource label events referencing not accessible labels.
@@ -8416,7 +8427,7 @@ entry.
- Reinstate is_admin flag in users api when authenticated user is an admin. !12211 (rickettm)
- Fix edit button for deploy keys available from other projects. !12301 (Alexander Randa)
- Fix passing CI_ENVIRONMENT_NAME and CI_ENVIRONMENT_SLUG for CI_ENVIRONMENT_URL. !12344
-- Disable environment list refresh due to bug https://gitlab.com/gitlab-org/gitlab-ee/issues/2677. !12347
+- Disable environment list refresh due to bug https://gitlab.com/gitlab-org/gitlab/issues/2677. !12347
- Standardize timeline note margins across different viewport sizes. !12364
- Fix Ordered Task List Items. !31483 (Jared Deckard <jared.deckard@gmail.com>)
- Upgrade dependency to Go 1.8.3. !31943