diff options
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 30b649937d0..74393c6b1e5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,24 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.9.12 (2019-05-30) + +### Security (12 changes, 1 of them is from the community) + +- Protect Gitlab::HTTP against DNS rebinding attack. +- Fix project visibility level validation. (Peter Marko) +- Update Knative version. +- Add DNS rebinding protection settings. +- Prevent XSS injection in note imports. +- Prevent invalid branch for merge request. +- Filter relative links in wiki for XSS. +- Fix confidential issue label disclosure on milestone view. +- Fix url redaction for issue links. +- Resolve: Milestones leaked via search API. +- Prevent bypass of restriction disabling web password sign in. +- Hide confidential issue title on unsubscribe for anonymous users. + + ## 11.9.11 (2019-04-30) ### Security (1 change) |