diff options
-rw-r--r-- | CHANGELOG.md | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 88521222b8a..c31af2488f0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -478,6 +478,24 @@ entry. - Removes EE differences for environment_item.vue. +## 11.9.12 (2019-05-30) + +### Security (12 changes, 1 of them is from the community) + +- Protect Gitlab::HTTP against DNS rebinding attack. +- Fix project visibility level validation. (Peter Marko) +- Update Knative version. +- Add DNS rebinding protection settings. +- Prevent XSS injection in note imports. +- Prevent invalid branch for merge request. +- Filter relative links in wiki for XSS. +- Fix confidential issue label disclosure on milestone view. +- Fix url redaction for issue links. +- Resolve: Milestones leaked via search API. +- Prevent bypass of restriction disabling web password sign in. +- Hide confidential issue title on unsubscribe for anonymous users. + + ## 11.9.10 (2019-04-26) ### Security (5 changes) |