diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-01 18:19:56 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-01 18:19:56 +0300 |
commit | 4c229687ce0f82112e1f3027bc72022a13936463 (patch) | |
tree | ad59c4ad93fbd0141e0a56d10db28748d3baaa0b /CHANGELOG.md | |
parent | 9ec02c8a18cbcb5ed16da68a92fe7ff3d6cfffa8 (diff) |
Add latest changes from gitlab-org/security/gitlab@13-7-stable-eev13.7.6
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r-- | CHANGELOG.md | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index e61da5fa270..799070f03ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,17 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 13.7.6 (2021-02-01) + +### Security (5 changes) + +- Filter sensitive GraphQL variables from logs. +- Avoid exposing release links when the user cannot read git-tag/repository. +- Sanitize target branch on MR page. +- Fix DNS rebinding protection bypass when allowing an IP address in Outbound Requests setting. +- Add routes for unmatched url for not-get requests. + + ## 13.7.5 (2021-01-25) ### Fixed (2 changes, 1 of them is from the community) |