diff options
author | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-10-05 20:53:10 +0300 |
---|---|---|
committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-10-05 20:53:10 +0300 |
commit | ca9b99ffbb944f9ac27814c17139add24a517962 (patch) | |
tree | a1a0472937f399a1bf7a8fddf01998f571f76e93 /changelogs | |
parent | 34646406f71f79d4581a4a1cb9cddea38ffbb8be (diff) | |
parent | 36bd07838263f709b0ca9af4830ee75cde7e8f97 (diff) |
Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq
Diffstat (limited to 'changelogs')
3 files changed, 15 insertions, 0 deletions
diff --git a/changelogs/unreleased/security-bw-confidential-titles-through-markdown-api.yml b/changelogs/unreleased/security-bw-confidential-titles-through-markdown-api.yml new file mode 100644 index 00000000000..e0231b7962f --- /dev/null +++ b/changelogs/unreleased/security-bw-confidential-titles-through-markdown-api.yml @@ -0,0 +1,5 @@ +--- +title: Markdown API no longer displays confidential title references unless authorized +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-fix-leaking-private-project-namespace.yml b/changelogs/unreleased/security-fix-leaking-private-project-namespace.yml new file mode 100644 index 00000000000..589d16c0c35 --- /dev/null +++ b/changelogs/unreleased/security-fix-leaking-private-project-namespace.yml @@ -0,0 +1,5 @@ +--- +title: Properly filter private references from system notes +merge_request: +author: +type: security diff --git a/changelogs/unreleased/security-osw-user-info-leak-discussions.yml b/changelogs/unreleased/security-osw-user-info-leak-discussions.yml new file mode 100644 index 00000000000..5acbb80fc3d --- /dev/null +++ b/changelogs/unreleased/security-osw-user-info-leak-discussions.yml @@ -0,0 +1,5 @@ +--- +title: Filter user sensitive data from discussions JSON +merge_request: 2536 +author: +type: security |