diff options
author | Jarka Kadlecova <jarka@gitlab.com> | 2017-10-16 19:38:13 +0300 |
---|---|---|
committer | Jarka Kadlecova <jarka@gitlab.com> | 2017-10-16 19:38:13 +0300 |
commit | 2a352001e7163e3446dc2ac55c9a2dbab244e463 (patch) | |
tree | 587aa43472fe1c9cd2d06f9cdc8053f694732761 | |
parent | 774374b9285b440c5eead67e49cb10c4a097a98b (diff) |
Update CHANGELOG.md for 9.4.7
[ci skip]
7 files changed, 9 insertions, 29 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 81bcecc3da0..7320d12460a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 9.4.7 (2017-10-16) + +- [SECURITY] Upgrade mail and nokogiri gems due to security issues. !13662 (Markus Koller) +- [SECURITY] Move project repositories between namespaces when renaming users. +- [SECURITY] Prevent an open redirect on project pages. +- [SECURITY] Prevent a persistent XSS in user-provided markup. +- [FIXED] Allow using newlines in pipeline email service recipients. !14250 +- Escape user name in filtered search bar. + ## 9.4.6 (2017-09-06) - [SECURITY] Upgrade mail and nokogiri gems due to security issues. !13662 (Markus Koller) diff --git a/changelogs/unreleased/37759-also-treat-newlines-as-separator.yml b/changelogs/unreleased/37759-also-treat-newlines-as-separator.yml deleted file mode 100644 index 6894e650c11..00000000000 --- a/changelogs/unreleased/37759-also-treat-newlines-as-separator.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Allow using newlines in pipeline email service recipients -merge_request: 14250 -author: -type: fixed diff --git a/changelogs/unreleased/38126-security-username-change.yml b/changelogs/unreleased/38126-security-username-change.yml deleted file mode 100644 index 6b0dfc3dca2..00000000000 --- a/changelogs/unreleased/38126-security-username-change.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Move project repositories between namespaces when renaming users -merge_request: -author: -type: security diff --git a/changelogs/unreleased/fix-arbitrary-redirect-vulnerability.yml b/changelogs/unreleased/fix-arbitrary-redirect-vulnerability.yml deleted file mode 100644 index 8d456b57963..00000000000 --- a/changelogs/unreleased/fix-arbitrary-redirect-vulnerability.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Prevent an open redirect on project pages -merge_request: -author: -type: security diff --git a/changelogs/unreleased/fix-gem-security-updates.yml b/changelogs/unreleased/fix-gem-security-updates.yml deleted file mode 100644 index dce11d08402..00000000000 --- a/changelogs/unreleased/fix-gem-security-updates.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade mail and nokogiri gems due to security issues -merge_request: 13662 -author: Markus Koller -type: security diff --git a/changelogs/unreleased/rs-sanitize-unicode-in-protocol.yml b/changelogs/unreleased/rs-sanitize-unicode-in-protocol.yml deleted file mode 100644 index 093c99943e2..00000000000 --- a/changelogs/unreleased/rs-sanitize-unicode-in-protocol.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Prevent a persistent XSS in user-provided markup -merge_request: -author: -type: security diff --git a/changelogs/unreleased/winh-search-bar-xss-9-4.yml b/changelogs/unreleased/winh-search-bar-xss-9-4.yml deleted file mode 100644 index 0533fee9b3a..00000000000 --- a/changelogs/unreleased/winh-search-bar-xss-9-4.yml +++ /dev/null @@ -1,4 +0,0 @@ ---- -title: Escape user name in filtered search bar -merge_request: -author: |