diff options
| -rw-r--r-- | CHANGELOG.md | 10 | ||||
| -rw-r--r-- | changelogs/unreleased/security-id-email-xss.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/security-issue_2830.yml | 5 | ||||
| -rw-r--r-- | changelogs/unreleased/security-pb-email-watchers-no-access.yml | 5 |
4 files changed, 10 insertions, 15 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index bd4c0e479cc..5ace47828db 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.10.2 (2019-04-25) + +### Security (4 changes) + +- Loosen regex for exception sanitization. !3076 +- Resolve: moving an issue to private repo leaks namespace and project name. +- Escape path in new merge request mail. +- Stop sending emails to users who can't read commit. + + ## 11.10.1 (2019-04-23) ### Fixed (2 changes) diff --git a/changelogs/unreleased/security-id-email-xss.yml b/changelogs/unreleased/security-id-email-xss.yml deleted file mode 100644 index 36c00a70c6a..00000000000 --- a/changelogs/unreleased/security-id-email-xss.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Escape path in new merge request mail -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-issue_2830.yml b/changelogs/unreleased/security-issue_2830.yml deleted file mode 100644 index 244e105f7d4..00000000000 --- a/changelogs/unreleased/security-issue_2830.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: 'Resolve: moving an issue to private repo leaks namespace and project name' -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-pb-email-watchers-no-access.yml b/changelogs/unreleased/security-pb-email-watchers-no-access.yml deleted file mode 100644 index cc64ef1352f..00000000000 --- a/changelogs/unreleased/security-pb-email-watchers-no-access.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Stop sending emails to users who can't read commit -merge_request: -author: -type: security |