diff options
author | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2019-11-27 01:07:48 +0300 |
---|---|---|
committer | GitLab Release Tools Bot <delivery-team+release-tools@gitlab.com> | 2019-11-27 01:07:48 +0300 |
commit | b475ac654d0a7d271470aff7ddb9125c05ef7806 (patch) | |
tree | 6baf5ebd1592f9ef24aba2526d73a9110f39c0f4 /CHANGELOG.md | |
parent | 8539ed88d6e8e5da73486422f1a8ff623830a4ef (diff) |
Update CHANGELOG.md for 12.4.4
[ci skip]
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 5db49b71961..ddb0335690a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 12.4.4 + +### Security (9 changes) + +- Check permissions before showing a forked project's source. +- Encrypt application setting tokens. +- Update Workhorse and Gitaly to fix a security issue. +- Hide commit counts from guest users in Cycle Analytics. +- Limit potential for DNS rebind SSRF in chat notifications. +- Fix 500 error caused by invalid byte sequences in links. +- Ensure are cleaned by ImportExport::AttributeCleaner. +- Remove notes regarding Related Branches from Issue activity feeds for guest users. +- Escape namespace in label references to prevent XSS. + + ## 12.4.3 ### Fixed (2 changes) |