diff options
author | Mark Fletcher <mark@gitlab.com> | 2018-03-16 22:06:18 +0300 |
---|---|---|
committer | Mark Fletcher <mark@gitlab.com> | 2018-03-16 22:06:18 +0300 |
commit | ee1afd263a656d1e8818a4f5eb50fd16cce339b2 (patch) | |
tree | 991004c77dec7651b9bf2136b05655deaa974d97 | |
parent | 6bc85e0aa4a633f2a8075e33895c7cbe048ebae8 (diff) |
Update CHANGELOG.md for 10.3.9
[ci skip]
-rw-r--r-- | CHANGELOG.md | 9 | ||||
-rw-r--r-- | changelogs/unreleased/42591-update-nokogiri.yml | 5 | ||||
-rw-r--r-- | changelogs/unreleased/fix-auth0-unsafe-login.yml | 5 | ||||
-rw-r--r-- | changelogs/unreleased/fj-15329-services-callbacks-ssrf.yml | 5 |
4 files changed, 9 insertions, 15 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 957983193d7..b1a11f009ca 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 10.3.9 (2018-03-16) + +### Security (3 changes) + +- Fixed some SSRF vulnerabilities in services, hooks and integrations. !2337 +- Update nokogiri to 1.8.2. !16807 +- Fix GitLab Auth0 integration signing in the wrong user. + + ## 10.3.8 (2018-03-01) ### Security (1 change) diff --git a/changelogs/unreleased/42591-update-nokogiri.yml b/changelogs/unreleased/42591-update-nokogiri.yml deleted file mode 100644 index 5f9587d2d92..00000000000 --- a/changelogs/unreleased/42591-update-nokogiri.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Update nokogiri to 1.8.2 -merge_request: 16807 -author: -type: security diff --git a/changelogs/unreleased/fix-auth0-unsafe-login.yml b/changelogs/unreleased/fix-auth0-unsafe-login.yml deleted file mode 100644 index 01c6ea69dcc..00000000000 --- a/changelogs/unreleased/fix-auth0-unsafe-login.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fix GitLab Auth0 integration signing in the wrong user -merge_request: -author: -type: security diff --git a/changelogs/unreleased/fj-15329-services-callbacks-ssrf.yml b/changelogs/unreleased/fj-15329-services-callbacks-ssrf.yml deleted file mode 100644 index 7fa6f6a5874..00000000000 --- a/changelogs/unreleased/fj-15329-services-callbacks-ssrf.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Fixed some SSRF vulnerabilities in services, hooks and integrations -merge_request: 2337 -author: -type: security |