Merge branch 'fix/escape-builds-commands-in-ci-linter' into 'security'

Escape HTML nodes in builds commands in ci linter This MR removes call to `simple_format` that behaves like `String#html_safe`, thus it passes unescaped HTML tags to the view. Closes #22541 See merge request !2001 Signed-off-by: Rémy Coutable <remy@rymai.me>
author: Robert Speicher <robert@gitlab.com> 2016-09-28 15:02:12 +0000
committer: Rémy Coutable <remy@rymai.me> 2016-09-28 17:50:04 +0200
commit: 23c297e781da2f8584fd47aecc2544e1a01b886f (patch)
tree: 1d2f37ab13234704351f814175ce87116863b752 /CHANGELOG
parent: 4f1a1bbc2b0501dd7ba227597e115517e3a1fb3f (diff)
download: gitlab-ce-23c297e781da2f8584fd47aecc2544e1a01b886f.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 81f9ea2de5d..ae6b9114a75 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -4,6 +4,7 @@ v 8.11.8
   - Respect the fork_project permission when forking projects
   - Set a restrictive CORS policy on the API for credentialed requests
   - API: disable rails session auth for non-GET/HEAD requests
+  - Escape HTML nodes in builds commands in CI linter
 
 v 8.11.7
   - Avoid conflict with admin labels when importing GitHub labels. !6158
author	Robert Speicher <robert@gitlab.com>	2016-09-28 15:02:12 +0000
committer	Rémy Coutable <remy@rymai.me>	2016-09-28 17:50:04 +0200
commit	23c297e781da2f8584fd47aecc2544e1a01b886f (patch)
tree	1d2f37ab13234704351f814175ce87116863b752 /CHANGELOG
parent	4f1a1bbc2b0501dd7ba227597e115517e3a1fb3f (diff)
download	gitlab-ce-23c297e781da2f8584fd47aecc2544e1a01b886f.tar.gz