diff options
| author | Filipa Lacerda <filipa@gitlab.com> | 2018-05-28 14:07:30 +0300 |
|---|---|---|
| committer | Filipa Lacerda <filipa@gitlab.com> | 2018-05-28 14:07:30 +0300 |
| commit | f0ceff399d773111c9a8d3ea263589c2db4c3b10 (patch) | |
| tree | 488acf06f5c30b1ced213c40fdf4279c2bbf1b37 | |
| parent | d728ea8e333cf84b745d0ccf0583846e0ede8fb8 (diff) | |
Update CHANGELOG.md for 10.6.6
[ci skip]
5 files changed, 10 insertions, 20 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index fcc4225afd0..b1349740188 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 10.6.6 (2018-05-28) + +### Security (4 changes) + +- Do not allow non-members to create MRs via forked projects when MRs are private. +- Prevent user passwords from being changed without providing the previous password. +- Fix API to remove deploy key from project instead of deleting it entirely. +- Fixed bug that allowed importing arbitrary project attributes. + + ## 10.6.5 (2018-04-24) ### Security (1 change) diff --git a/changelogs/unreleased/42682-merge-request-project-members-access.yml b/changelogs/unreleased/42682-merge-request-project-members-access.yml deleted file mode 100644 index ed7275c6345..00000000000 --- a/changelogs/unreleased/42682-merge-request-project-members-access.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Do not allow non-members to create MRs via forked projects when MRs are private -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-10-6-users-can-update-their-password-without-entering-current-password.yml b/changelogs/unreleased/security-10-6-users-can-update-their-password-without-entering-current-password.yml deleted file mode 100644 index 824fbd41ab8..00000000000 --- a/changelogs/unreleased/security-10-6-users-can-update-their-password-without-entering-current-password.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Prevent user passwords from being changed without providing the previous password -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-dm-delete-deploy-key.yml b/changelogs/unreleased/security-dm-delete-deploy-key.yml deleted file mode 100644 index aa94e7b6072..00000000000 --- a/changelogs/unreleased/security-dm-delete-deploy-key.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix API to remove deploy key from project instead of deleting it entirely -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-fj-import-export-assignment.yml b/changelogs/unreleased/security-fj-import-export-assignment.yml deleted file mode 100644 index 4bfd71d431a..00000000000 --- a/changelogs/unreleased/security-fj-import-export-assignment.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fixed bug that allowed importing arbitrary project attributes -merge_request: -author: -type: security |