diff options
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e8fe286647..629a092977f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,28 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 13.9.5 (2021-03-31) + +### Security (6 changes) + +- Leave pool repository on fork unlinking. +- Fixed XSS in merge requests sidebar. +- Fix arbitrary read/write in AsciiDoctor and Kroki gems. +- Prevent infinite loop when checking if collaboration is allowed. +- Disable arbitrary URI and file reads in JSON validator. +- Require POST request to trigger system hooks. + +### Removed (1 change) + +- Make HipChat project service do nothing. !57434 + +### Other (3 changes) + +- Remove direct mimemagic dependency. !57387 +- Refactor MimeMagic calls to new MimeType class. !57421 +- Switch to using a fake mimemagic gem. !57443 + + ## 13.9.4 (2021-03-17) ### Security (1 change) |