Merge branch 'security-11-6-2769-idn-homograph-attack' into '11-6-stable'

[11.6] GitLab vulnerable to IDN homograph attacks and RTLO attacks See merge request gitlab/gitlabhq!2822
author: Yorick Peterse <yorickpeterse@gmail.com> 2019-01-24 16:51:44 +0300
committer: Yorick Peterse <yorickpeterse@gmail.com> 2019-01-24 16:51:44 +0300
commit: b8c23dbb8e75918bad6dddada4c21212936bba56 (patch)
tree: 866ed14f8677ea498b5a0bc228d817e9fd7c9543 /changelogs
parent: 2c3dad5b45728efb11b85f27cf6442602a402129 (diff)
parent: 4cf3aae124b5e05e0c1642ee983a1e4e779bea27 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-2769-idn-homograph-attack.yml b/changelogs/unreleased/security-2769-idn-homograph-attack.yml
new file mode 100644
index 00000000000..a014b522c96
--- /dev/null
+++ b/changelogs/unreleased/security-2769-idn-homograph-attack.yml
@@ -0,0 +1,5 @@
+---
+title: Make potentially malicious links more visible in the UI and scrub RTLO chars from links
+merge_request: 2770
+author:
+type: security
author	Yorick Peterse <yorickpeterse@gmail.com>	2019-01-24 16:51:44 +0300
committer	Yorick Peterse <yorickpeterse@gmail.com>	2019-01-24 16:51:44 +0300
commit	b8c23dbb8e75918bad6dddada4c21212936bba56 (patch)
tree	866ed14f8677ea498b5a0bc228d817e9fd7c9543 /changelogs
parent	2c3dad5b45728efb11b85f27cf6442602a402129 (diff)
parent	4cf3aae124b5e05e0c1642ee983a1e4e779bea27 (diff)