diff options
Diffstat (limited to 'changelogs/unreleased')
| -rw-r--r-- | changelogs/unreleased/security-package-regex-dos.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/security-pages-1-33.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/security-trusted-confidential-apps.yml | 5 |
3 files changed, 15 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-package-regex-dos.yml b/changelogs/unreleased/security-package-regex-dos.yml new file mode 100644 index 00000000000..79bec83526d --- /dev/null +++ b/changelogs/unreleased/security-package-regex-dos.yml @@ -0,0 +1,5 @@ +--- +title: Fix regular expression backtracking issue in package name validation +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-pages-1-33.yml b/changelogs/unreleased/security-pages-1-33.yml new file mode 100644 index 00000000000..d3ca056eefc --- /dev/null +++ b/changelogs/unreleased/security-pages-1-33.yml @@ -0,0 +1,5 @@ +--- +title: Fix stealing API token from GitLab Pages and DoS Prometheus through GitLab Pages +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-trusted-confidential-apps.yml b/changelogs/unreleased/security-trusted-confidential-apps.yml new file mode 100644 index 00000000000..b4f7a9eb448 --- /dev/null +++ b/changelogs/unreleased/security-trusted-confidential-apps.yml @@ -0,0 +1,5 @@ +--- +title: Update trusted OAuth applications to set them as confidential +merge_request: +author: +type: security |