diff options
| author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2019-08-09 19:43:31 +0300 |
|---|---|---|
| committer | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2019-08-09 19:43:31 +0300 |
| commit | f975ed560ff361e5e0afc0c6c9142aaf4639b2af (patch) | |
| tree | 499999a6b2ba8e03747e28aab5f6b1435ee5de9c | |
| parent | 3037524c24a8ef0817742f1c16dad57c398b9206 (diff) | |
Update CHANGELOG.md for 12.1.5
[ci skip]
| -rw-r--r-- | CHANGELOG.md | 8 | ||||
| -rw-r--r-- | changelogs/unreleased/fix-gitaly-revision-flag-injection.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/security-pages-api-token-recovery.yml | 5 |
3 files changed, 8 insertions, 10 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 37e110699dd..90c77057bf8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 12.1.5 + +### Security (2 changes) + +- Upgrade Gitaly to 1.53.2 to prevent revision flag injection exploits. +- Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie. + + ## 12.1.4 ### Fixed (3 changes, 1 of them is from the community) diff --git a/changelogs/unreleased/fix-gitaly-revision-flag-injection.yml b/changelogs/unreleased/fix-gitaly-revision-flag-injection.yml deleted file mode 100644 index d74d0d515bb..00000000000 --- a/changelogs/unreleased/fix-gitaly-revision-flag-injection.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade Gitaly to 1.53.2 to prevent revision flag injection exploits -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-pages-api-token-recovery.yml b/changelogs/unreleased/security-pages-api-token-recovery.yml deleted file mode 100644 index b8193368360..00000000000 --- a/changelogs/unreleased/security-pages-api-token-recovery.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie -merge_request: -author: -type: security |