diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-11 18:09:11 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-02-11 18:09:11 +0300 |
| commit | 5231344d99fd052e193243041dc180ed26cfe2ac (patch) | |
| tree | f9e518b857c8e77bde98d73291107ab410938fee /CHANGELOG.md | |
| parent | 9f5ac379c76c278ee9ee1662e26c4612b0a117bd (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'CHANGELOG.md')
| -rw-r--r-- | CHANGELOG.md | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index d0688ebf570..ea9b789ce05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,21 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 13.8.4 (2021-02-11) + +### Security (9 changes) + +- Cancel running and pending jobs when a project is deleted. !1220 +- Prevent Denial of Service Attack on gitlab-shell. +- Prevent exposure of confidential issue titles in file browser. +- Updates authorization for linting API. +- Check user access on API merge request read actions. +- Limit daily invitations to groups and projects. +- Enforce the analytics enabled project setting for project-level analytics features. +- Perform SSL verification for FortiTokenCloud Integration. +- Prevent Server-side Request Forgery for Prometheus when secured by Google IAP. + + ## 13.8.3 (2021-02-05) ### Fixed (2 changes) @@ -387,6 +402,21 @@ entry. - Add verbiage + link sast to show it's in core. !51935 +## 13.7.7 (2021-02-11) + +### Security (9 changes) + +- Cancel running and pending jobs when a project is deleted. !1220 +- Prevent Denial of Service Attack on gitlab-shell. +- Prevent exposure of confidential issue titles in file browser. +- Updates authorization for linting API. +- Check user access on API merge request read actions. +- Limit daily invitations to groups and projects. +- Enforce the analytics enabled project setting for project-level analytics features. +- Perform SSL verification for FortiTokenCloud Integration. +- Prevent Server-side Request Forgery for Prometheus when secured by Google IAP. + + ## 13.7.6 (2021-02-01) ### Security (5 changes) @@ -908,6 +938,19 @@ entry. - Update GitLab Workhorse to v8.57.0. +## 13.6.7 (2021-02-11) + +### Security (7 changes) + +- Cancel running and pending jobs when a project is deleted. !1220 +- Updates authorization for linting API. +- Prevent exposure of confidential issue titles in file browser. +- Check user access on API merge request read actions. +- Prevent Denial of Service Attack on gitlab-shell. +- Limit daily invitations to groups and projects. +- Prevent Server-side Request Forgery for Prometheus when secured by Google IAP. + + ## 13.6.6 (2021-02-01) ### Security (5 changes) |