Merge branch 'fix/unauthorized-access-to-build-data' into 'master'

Remove 'unscoped' from project builds selection This is a fix for this security bug: https://gitlab.com/gitlab-org/gitlab-ce/issues/18188 /cc @kamil @grzegorz @stanhu See merge request !1968
author: Douwe Maan <douwe@gitlab.com> 2016-06-06 08:59:06 +0000
committer: Tomasz Maczukin <tomasz@maczukin.pl> 2016-06-14 22:25:10 +0200
commit: 6a5139276352d7fcb10dc9a3a0f89d676799e894 (patch)
tree: 7178496c1cd8a8b68286cfeaf6cb91037966095a /CHANGELOG
parent: 767d3223fc9ce1513274ce6fc3ab7eb3d7c7349c (diff)
download: gitlab-ce-6a5139276352d7fcb10dc9a3a0f89d676799e894.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 134aaffbe0e..dba9b54295f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -7,6 +7,7 @@ v 8.8.5
   - Fix importer for GitHub comments on diff
   - Adjust the SAML control flow to allow LDAP identities to be added to an existing SAML user
   - Fix incremental trace upload API when using multi-byte UTF-8 chars in trace
+  - Prevent unauthorized access for projects build traces
 
 v 8.8.4
   - Fix LDAP-based login for users with 2FA enabled. !4493
author	Douwe Maan <douwe@gitlab.com>	2016-06-06 08:59:06 +0000
committer	Tomasz Maczukin <tomasz@maczukin.pl>	2016-06-14 22:25:10 +0200
commit	6a5139276352d7fcb10dc9a3a0f89d676799e894 (patch)
tree	7178496c1cd8a8b68286cfeaf6cb91037966095a /CHANGELOG
parent	767d3223fc9ce1513274ce6fc3ab7eb3d7c7349c (diff)
download	gitlab-ce-6a5139276352d7fcb10dc9a3a0f89d676799e894.tar.gz