diff options
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 3441858fd7c..59fb71c3245 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,9 +2,22 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 12.5.1 + +### Security (8 changes) + +- Check permissions before showing a forked project's source. +- Encrypt application setting tokens. +- Update Workhorse and Gitaly to fix a security issue. +- Hide commit counts from guest users in Cycle Analytics. +- Limit potential for DNS rebind SSRF in chat notifications. +- Ensure are cleaned by ImportExport::AttributeCleaner. +- Remove notes regarding Related Branches from Issue activity feeds for guest users. +- Escape namespace in label references to prevent XSS. + + ## 12.5.0 -- No changes. ### Security (15 changes) - Enable the HttpOnly flag for experimentation_subject_id cookie. !19189 |