diff options
author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2019-08-09 23:51:35 +0300 |
---|---|---|
committer | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2019-08-09 23:51:35 +0300 |
commit | f0e99ebd0d6e614326af4a680b40ea56ab05120b (patch) | |
tree | 087e02d8f729ed0a6988edd1a6caa99532796dcd | |
parent | 4e7166cd41ad95970a1349489b5f11503b023cee (diff) |
Update CHANGELOG.md for 11.11.8
[ci skip]
-rw-r--r-- | CHANGELOG.md | 8 | ||||
-rw-r--r-- | changelogs/unreleased/fix-gitaly-revision-flag-injection.yml | 5 | ||||
-rw-r--r-- | changelogs/unreleased/security-pages-api-token-recovery.yml | 5 |
3 files changed, 8 insertions, 10 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index d7f4e80078d..5b914ff7409 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.11.8 + +### Security (2 changes) + +- Upgrade Gitaly to 1.42.7 to prevent revision flag injection exploits. +- Upgrade pages to 1.5.1 to prevent gitlab api token recovery from cookie. + + ## 11.11.7 ### Security (9 changes) diff --git a/changelogs/unreleased/fix-gitaly-revision-flag-injection.yml b/changelogs/unreleased/fix-gitaly-revision-flag-injection.yml deleted file mode 100644 index ab72482fb25..00000000000 --- a/changelogs/unreleased/fix-gitaly-revision-flag-injection.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade Gitaly to 1.42.7 to prevent revision flag injection exploits -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-pages-api-token-recovery.yml b/changelogs/unreleased/security-pages-api-token-recovery.yml deleted file mode 100644 index 5b555d0774b..00000000000 --- a/changelogs/unreleased/security-pages-api-token-recovery.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade pages to 1.5.1 to prevent gitlab api token recovery from cookie -merge_request: -author: -type: security |