diff options
author | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-11-18 15:23:13 +0300 |
---|---|---|
committer | GitLab Release Tools Bot <robert+release-tools@gitlab.com> | 2018-11-18 15:23:13 +0300 |
commit | 528b59d38e8a46582330bd4497614e4a6900de68 (patch) | |
tree | 699e40b9b6b8c7d6db940eb203f4e91338a2407a | |
parent | 721e484d922dac443cb8c7fdbcb944bed573a9fe (diff) |
Update CHANGELOG.md for 11.4.6
[ci skip]
-rw-r--r-- | CHANGELOG.md | 7 | ||||
-rw-r--r-- | changelogs/unreleased/security-11-4-2717-xss-username-autocomplete.yml | 5 |
2 files changed, 7 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b4f5ae8089b..69ba40ce277 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.4.6 (2018-11-18) + +### Security (1 change) + +- Escape user fullname while rendering autocomplete template to prevent XSS. + + ## 11.4.5 (2018-11-04) ### Fixed (4 changes, 1 of them is from the community) diff --git a/changelogs/unreleased/security-11-4-2717-xss-username-autocomplete.yml b/changelogs/unreleased/security-11-4-2717-xss-username-autocomplete.yml deleted file mode 100644 index d9b1015eeb4..00000000000 --- a/changelogs/unreleased/security-11-4-2717-xss-username-autocomplete.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Escape user fullname while rendering autocomplete template to prevent XSS -merge_request: -author: -type: security |