Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG10
1 files changed, 5 insertions, 5 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 24924ea44a6..5be22a3ff6f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,12 +1,12 @@
Please view this file on the master branch, on stable branches it's out of date.
v 8.3.9
- - Fix a window.opener bug that could lead to XSS and open redirects
- - Prevent XSS via custom issue tracker URL
- - Fix vulnerability that leaks private labels and milestones
- Prevent privilege escalation via "impersonate" feature
- - Prevent users from deleting Webhooks via API they do not own
- - Prevent information disclosure via snippet API
+ - Prevent privilege escalation via notes API
+ - Prevent privilege escalation via project webhook API
+ - Prevent XSS via custom issue tracker URL
+ - Prevent XSS via `window.opener`
+ - Prevent information disclosure via project labels
- Prevent information disclosure via new merge request page
v 8.3.8
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-09 23:54:53 +0300