diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-01-07 12:16:43 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-01-07 12:16:43 +0300 |
| commit | 2754dab2b1bc02e7ba0ad559761e6f50b3771e70 (patch) | |
| tree | 48a5f484aaebaee782e29593635773540fa489e8 /CHANGELOG.md | |
| parent | 8784257afcf63e9af5cb4f9b0d68e8d7247110bf (diff) | |
Add latest changes from gitlab-org/security/gitlab@13-6-stable-eev13.6.4
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b676ddad5fa..61d35535fa5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,19 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 13.6.4 (2021-01-07) + +### Security (7 changes) + +- Forbid public cache for private repos. +- Deny implicit flow for confidential apps. +- Update NuGet regular expression to protect against ReDoS. +- Fix regular expression backtracking issue in package name validation. +- Upgrade GitLab Pages to 1.30.2. +- Update trusted OAuth applications to set them as confidential. +- Upgrade Workhorse to 8.54.2. + + ## 13.6.3 (2020-12-10) ### Fixed (5 changes) |