diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-04 19:51:40 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-04 19:51:40 +0300 |
commit | aefe6486cf0d193067112b90145083d73b96bfef (patch) | |
tree | 02dbf7d022069b183f34b63e99eb359d7e001ddb /changelogs | |
parent | 66ebf02c05dc69a65731d61baf28ef3335db2bbf (diff) |
Add latest changes from gitlab-org/security/gitlab@13-6-stable-ee
Diffstat (limited to 'changelogs')
4 files changed, 20 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-296-private_profile_exposure.yml b/changelogs/unreleased/security-296-private_profile_exposure.yml new file mode 100644 index 00000000000..05d98788aed --- /dev/null +++ b/changelogs/unreleased/security-296-private_profile_exposure.yml @@ -0,0 +1,5 @@ +--- +title: Ensure group and project memberships are not leaked via API for users with private profiles +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-mermaid-rc-13-6.yml b/changelogs/unreleased/security-mermaid-rc-13-6.yml new file mode 100644 index 00000000000..10c620de108 --- /dev/null +++ b/changelogs/unreleased/security-mermaid-rc-13-6.yml @@ -0,0 +1,5 @@ +--- +title: Fix mermaid resource consumption in GFM fields +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-prevent-short-searches-in-explore-projects.yml b/changelogs/unreleased/security-prevent-short-searches-in-explore-projects.yml new file mode 100644 index 00000000000..672ccc09a33 --- /dev/null +++ b/changelogs/unreleased/security-prevent-short-searches-in-explore-projects.yml @@ -0,0 +1,5 @@ +--- +title: Require at least 3 characters when searching for project in the Explore page +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-search-term-logged.yml b/changelogs/unreleased/security-search-term-logged.yml new file mode 100644 index 00000000000..c3e9d1862bd --- /dev/null +++ b/changelogs/unreleased/security-search-term-logged.yml @@ -0,0 +1,5 @@ +--- +title: Filter search parameter to prevent data leaks +merge_request: +author: +type: security |