Add latest changes from gitlab-org/gitlab@12-5-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2019-11-27 14:38:22 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2019-11-27 14:38:22 +0300
commit: ec764103ee252c84563851ccc53fb99eef88c742 (patch)
tree: 766a240a29d27635e7a2eeed30b19c250adfdd28 /CHANGELOG.md
parent: 52b9f101a35b6eec91621d5470e6d5883bfcaf88 (diff)
1 files changed, 6 insertions, 3 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 59fb71c3245..9cef812464a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,16 +4,19 @@ entry.
 
 ## 12.5.1
 
-### Security (8 changes)
+### Security (11 changes)
 
-- Check permissions before showing a forked project's source.
+- Do not create todos for approvers without access. !1442
+- Hide commit counts from guest users in Cycle Analytics.
 - Encrypt application setting tokens.
 - Update Workhorse and Gitaly to fix a security issue.
-- Hide commit counts from guest users in Cycle Analytics.
+- Add maven file_name regex validation on incoming files.
+- Check permissions before showing a forked project's source.
 - Limit potential for DNS rebind SSRF in chat notifications.
 - Ensure are cleaned by ImportExport::AttributeCleaner.
 - Remove notes regarding Related Branches from Issue activity feeds for guest users.
 - Escape namespace in label references to prevent XSS.
+- Add authorization to using filter vulnerable in Dependency List.
 
 
 ## 12.5.0
author	GitLab Bot <gitlab-bot@gitlab.com>	2019-11-27 14:38:22 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2019-11-27 14:38:22 +0300
commit	ec764103ee252c84563851ccc53fb99eef88c742 (patch)
tree	766a240a29d27635e7a2eeed30b19c250adfdd28 /CHANGELOG.md
parent	52b9f101a35b6eec91621d5470e6d5883bfcaf88 (diff)