From b8cacd68a6297f2c6cdd454a3d82a487367f2e70 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Tue, 30 Mar 2021 22:40:10 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@13-10-stable-ee

---
 changelogs/unreleased/security-kroki-arbitraryfile-read-write.yml    | 5 +++++
 .../unreleased/security-projects-branch-collaboration-loop.yml       | 5 +++++
 2 files changed, 10 insertions(+)
 create mode 100644 changelogs/unreleased/security-kroki-arbitraryfile-read-write.yml
 create mode 100644 changelogs/unreleased/security-projects-branch-collaboration-loop.yml

(limited to 'changelogs/unreleased')

diff --git a/changelogs/unreleased/security-kroki-arbitraryfile-read-write.yml b/changelogs/unreleased/security-kroki-arbitraryfile-read-write.yml
new file mode 100644
index 00000000000..acefc5e6fac
--- /dev/null
+++ b/changelogs/unreleased/security-kroki-arbitraryfile-read-write.yml
@@ -0,0 +1,5 @@
+---
+title: Fix arbitrary read/write in AsciiDoctor and Kroki gems
+merge_request:
+author:
+type: security
diff --git a/changelogs/unreleased/security-projects-branch-collaboration-loop.yml b/changelogs/unreleased/security-projects-branch-collaboration-loop.yml
new file mode 100644
index 00000000000..607bd37d2f6
--- /dev/null
+++ b/changelogs/unreleased/security-projects-branch-collaboration-loop.yml
@@ -0,0 +1,5 @@
+---
+title: Prevent infinite loop when checking if collaboration is allowed
+merge_request:
+author:
+type: security
-- 
cgit v1.2.1