summaryrefslogtreecommitdiff
path: root/changelogs/unreleased
diff options
context:
space:
mode:
Diffstat (limited to 'changelogs/unreleased')
-rw-r--r--changelogs/unreleased/security-2682-fix-xss-for-markdown-toc.yml5
-rw-r--r--changelogs/unreleased/security-fj-bumping-sanitize-gem.yml5
-rw-r--r--changelogs/unreleased/security-html_escape_branch_name.yml5
-rw-r--r--changelogs/unreleased/security-html_escape_usernames.yml5
-rw-r--r--changelogs/unreleased/security-rd-do-not-show-internal-info-in-public-feed.yml5
5 files changed, 0 insertions, 25 deletions
diff --git a/changelogs/unreleased/security-2682-fix-xss-for-markdown-toc.yml b/changelogs/unreleased/security-2682-fix-xss-for-markdown-toc.yml
deleted file mode 100644
index f595678c3c2..00000000000
--- a/changelogs/unreleased/security-2682-fix-xss-for-markdown-toc.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix XSS vulnerability for table of content generation
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-fj-bumping-sanitize-gem.yml b/changelogs/unreleased/security-fj-bumping-sanitize-gem.yml
deleted file mode 100644
index bec1033425d..00000000000
--- a/changelogs/unreleased/security-fj-bumping-sanitize-gem.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Update sanitize gem to 4.6.5 to fix HTML injection vulnerability
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-html_escape_branch_name.yml b/changelogs/unreleased/security-html_escape_branch_name.yml
deleted file mode 100644
index 02d1065348f..00000000000
--- a/changelogs/unreleased/security-html_escape_branch_name.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: HTML escape branch name in project graphs page
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-html_escape_usernames.yml b/changelogs/unreleased/security-html_escape_usernames.yml
deleted file mode 100644
index 7e69e4ae266..00000000000
--- a/changelogs/unreleased/security-html_escape_usernames.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: HTML escape the name of the user in ProjectsHelper#link_to_member
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-rd-do-not-show-internal-info-in-public-feed.yml b/changelogs/unreleased/security-rd-do-not-show-internal-info-in-public-feed.yml
deleted file mode 100644
index ff78c162dff..00000000000
--- a/changelogs/unreleased/security-rd-do-not-show-internal-info-in-public-feed.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Don't show events from internal projects for anonymous users in public feed
-merge_request:
-author:
-type: security
View Lorry Controller Status