diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-26 15:52:15 +0300 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2019-04-26 15:52:15 +0300 |
commit | 333323598f0486aa8eb4ba879d85aaa55f3ea3ed (patch) | |
tree | 51cc4a99b530986f2fbf7a124bfae1f89e1034ba | |
parent | 389c2f84fc30742e3c62d653e355804c18321498 (diff) |
Update CHANGELOG.md for 11.9.10
[ci skip]
6 files changed, 11 insertions, 25 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 259ce77bf64..52f7aaf010c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,17 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.9.10 (2019-04-26) + +### Security (5 changes) + +- Loosen regex for exception sanitization. !3077 +- Resolve: moving an issue to private repo leaks namespace and project name. +- Escape path in new merge request mail. +- Stop sending emails to users who can't read commit. +- Upgrade Rails to 5.0.7.2. + + ## 11.9.9 (2019-04-23) ### Performance (1 change) diff --git a/changelogs/unreleased/loosen_regex_for_exception_sanitization.yml b/changelogs/unreleased/loosen_regex_for_exception_sanitization.yml deleted file mode 100644 index 288153487ab..00000000000 --- a/changelogs/unreleased/loosen_regex_for_exception_sanitization.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Loosen regex for exception sanitization -merge_request: 3077 -author: -type: security diff --git a/changelogs/unreleased/security-id-email-xss.yml b/changelogs/unreleased/security-id-email-xss.yml deleted file mode 100644 index 36c00a70c6a..00000000000 --- a/changelogs/unreleased/security-id-email-xss.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Escape path in new merge request mail -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-issue_2830.yml b/changelogs/unreleased/security-issue_2830.yml deleted file mode 100644 index 244e105f7d4..00000000000 --- a/changelogs/unreleased/security-issue_2830.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: 'Resolve: moving an issue to private repo leaks namespace and project name' -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-pb-email-watchers-no-access.yml b/changelogs/unreleased/security-pb-email-watchers-no-access.yml deleted file mode 100644 index cc64ef1352f..00000000000 --- a/changelogs/unreleased/security-pb-email-watchers-no-access.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Stop sending emails to users who can't read commit -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml b/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml deleted file mode 100644 index 619ea78b876..00000000000 --- a/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade Rails to 5.0.7.2 -merge_request: -author: -type: security |