Fix gitlab api token recovery

author: Vladimir Shushlin <vshushlin@gitlab.com> 2019-08-09 14:12:00 +0000
committer: John Skarbek <jskarbek@gitlab.com> 2019-08-09 14:12:00 +0000
commit: 2fe060a24080a1435d8ce2a75c025f91def92f82 (patch)
tree: 67479e7edb780f7afcf031102b1f3776c3ee7c17 /changelogs
parent: 71d8815405b09046b2e4bcf0ea0a732d21c87e2a (diff)
download: gitlab-ce-2fe060a24080a1435d8ce2a75c025f91def92f82.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-pages-api-token-recovery.yml b/changelogs/unreleased/security-pages-api-token-recovery.yml
new file mode 100644
index 00000000000..b8193368360
--- /dev/null
+++ b/changelogs/unreleased/security-pages-api-token-recovery.yml
@@ -0,0 +1,5 @@
+---
+title: Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie
+merge_request:
+author:
+type: security
author	Vladimir Shushlin <vshushlin@gitlab.com>	2019-08-09 14:12:00 +0000
committer	John Skarbek <jskarbek@gitlab.com>	2019-08-09 14:12:00 +0000
commit	2fe060a24080a1435d8ce2a75c025f91def92f82 (patch)
tree	67479e7edb780f7afcf031102b1f3776c3ee7c17 /changelogs
parent	71d8815405b09046b2e4bcf0ea0a732d21c87e2a (diff)
download	gitlab-ce-2fe060a24080a1435d8ce2a75c025f91def92f82.tar.gz