From d8d57a90208c62b29e5218f97525404859232a55 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Tue, 27 Apr 2021 14:04:46 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@13-11-stable-ee

---
 CHANGELOG.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'CHANGELOG.md')

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 096a598100e..a48f0afd15b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,17 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 13.11.2 (2021-04-27)
+
+### Security (5 changes)
+
+- Prevent tokens with only read_api scope from executing mutations.
+- Do not allow deploy tokens in the dependency proxy authentication service.
+- Disable keyset pagination for branches by default.
+- Bump Carrierwave gem to v1.3.2.
+- Restrict setting system_note_timestamp to owners.
+
+
 ## 13.11.1 (2021-04-22)
 
 ### Changed (1 change)
-- 
cgit v1.2.1