diff options
| author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-25 21:05:31 +0300 |
|---|---|---|
| committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-25 21:05:31 +0300 |
| commit | 18cbe354ef62068e359f7cece806ac9a1362e163 (patch) | |
| tree | c434efb8703bd014b2e69e9fb1395c9740aa9f93 | |
| parent | 8becca4f342e18a887ea9d434e15f54165fd22b0 (diff) | |
Update CHANGELOG.md for 11.8.9
[ci skip]
6 files changed, 11 insertions, 25 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 7bb13685b5f..a27def27245 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,17 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.8.9 (2019-04-25) + +### Security (5 changes) + +- Improve credentials sanitization on repository mirror integration. !3078 +- Stop sending emails to users who can't read commit. +- Escape path in new merge request mail. +- Only allow modification of content when note is edited. +- Upgrade Rails to 5.0.7.2. + + ## 11.8.8 (2019-04-23) ### Fixed (5 changes) diff --git a/changelogs/unreleased/security-57153-comments-on-confidential-issues.yml b/changelogs/unreleased/security-57153-comments-on-confidential-issues.yml deleted file mode 100644 index 62ee0fddfd9..00000000000 --- a/changelogs/unreleased/security-57153-comments-on-confidential-issues.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Only allow modification of content when note is edited -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-id-email-xss.yml b/changelogs/unreleased/security-id-email-xss.yml deleted file mode 100644 index 36c00a70c6a..00000000000 --- a/changelogs/unreleased/security-id-email-xss.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Escape path in new merge request mail -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-pb-email-watchers-no-access.yml b/changelogs/unreleased/security-pb-email-watchers-no-access.yml deleted file mode 100644 index cc64ef1352f..00000000000 --- a/changelogs/unreleased/security-pb-email-watchers-no-access.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Stop sending emails to users who can't read commit -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-update-gitaly-to-11-20-1.yml b/changelogs/unreleased/security-update-gitaly-to-11-20-1.yml deleted file mode 100644 index 2d24f34cc87..00000000000 --- a/changelogs/unreleased/security-update-gitaly-to-11-20-1.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Improve credentials sanitization on repository mirror integration -merge_request: 3078 -author: -type: security diff --git a/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml b/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml deleted file mode 100644 index 619ea78b876..00000000000 --- a/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade Rails to 5.0.7.2 -merge_request: -author: -type: security |