diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-30 22:42:44 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-30 22:43:07 +0000 |
| commit | ac9a8518364e91d64cb01732bf41896b6d2912b6 (patch) | |
| tree | 066754ab194088efaa216ae87e841e0ee9f1e36f /changelogs | |
| parent | d455bcf1e412ab4a4abdfbe691fc40e3d4a0ce8a (diff) | |
| download | gitlab-ce-ac9a8518364e91d64cb01732bf41896b6d2912b6.tar.gz | |
Add latest changes from gitlab-org/security/gitlab@13-10-stable-ee
Diffstat (limited to 'changelogs')
| -rw-r--r-- | changelogs/unreleased/security-fix-xss-in-mr-sidebar.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/security-sh-json-validator-open-uri-patch.yml | 5 |
2 files changed, 10 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-fix-xss-in-mr-sidebar.yml b/changelogs/unreleased/security-fix-xss-in-mr-sidebar.yml new file mode 100644 index 00000000000..a04c1038877 --- /dev/null +++ b/changelogs/unreleased/security-fix-xss-in-mr-sidebar.yml @@ -0,0 +1,5 @@ +--- +title: Fixed XSS in merge requests sidebar +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-sh-json-validator-open-uri-patch.yml b/changelogs/unreleased/security-sh-json-validator-open-uri-patch.yml new file mode 100644 index 00000000000..bf51ad66174 --- /dev/null +++ b/changelogs/unreleased/security-sh-json-validator-open-uri-patch.yml @@ -0,0 +1,5 @@ +--- +title: Disable arbitrary URI and file reads in JSON validator +merge_request: +author: +type: security |