From 333323598f0486aa8eb4ba879d85aaa55f3ea3ed Mon Sep 17 00:00:00 2001 From: GitLab Release Tools Bot Date: Fri, 26 Apr 2019 12:52:15 +0000 Subject: Update CHANGELOG.md for 11.9.10 [ci skip] --- CHANGELOG.md | 11 +++++++++++ .../unreleased/loosen_regex_for_exception_sanitization.yml | 5 ----- changelogs/unreleased/security-id-email-xss.yml | 5 ----- changelogs/unreleased/security-issue_2830.yml | 5 ----- .../unreleased/security-pb-email-watchers-no-access.yml | 5 ----- changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml | 5 ----- 6 files changed, 11 insertions(+), 25 deletions(-) delete mode 100644 changelogs/unreleased/loosen_regex_for_exception_sanitization.yml delete mode 100644 changelogs/unreleased/security-id-email-xss.yml delete mode 100644 changelogs/unreleased/security-issue_2830.yml delete mode 100644 changelogs/unreleased/security-pb-email-watchers-no-access.yml delete mode 100644 changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml diff --git a/CHANGELOG.md b/CHANGELOG.md index 259ce77bf64..52f7aaf010c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,17 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 11.9.10 (2019-04-26) + +### Security (5 changes) + +- Loosen regex for exception sanitization. !3077 +- Resolve: moving an issue to private repo leaks namespace and project name. +- Escape path in new merge request mail. +- Stop sending emails to users who can't read commit. +- Upgrade Rails to 5.0.7.2. + + ## 11.9.9 (2019-04-23) ### Performance (1 change) diff --git a/changelogs/unreleased/loosen_regex_for_exception_sanitization.yml b/changelogs/unreleased/loosen_regex_for_exception_sanitization.yml deleted file mode 100644 index 288153487ab..00000000000 --- a/changelogs/unreleased/loosen_regex_for_exception_sanitization.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Loosen regex for exception sanitization -merge_request: 3077 -author: -type: security diff --git a/changelogs/unreleased/security-id-email-xss.yml b/changelogs/unreleased/security-id-email-xss.yml deleted file mode 100644 index 36c00a70c6a..00000000000 --- a/changelogs/unreleased/security-id-email-xss.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Escape path in new merge request mail -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-issue_2830.yml b/changelogs/unreleased/security-issue_2830.yml deleted file mode 100644 index 244e105f7d4..00000000000 --- a/changelogs/unreleased/security-issue_2830.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: 'Resolve: moving an issue to private repo leaks namespace and project name' -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-pb-email-watchers-no-access.yml b/changelogs/unreleased/security-pb-email-watchers-no-access.yml deleted file mode 100644 index cc64ef1352f..00000000000 --- a/changelogs/unreleased/security-pb-email-watchers-no-access.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Stop sending emails to users who can't read commit -merge_request: -author: -type: security diff --git a/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml b/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml deleted file mode 100644 index 619ea78b876..00000000000 --- a/changelogs/unreleased/security-upgrade-to-rails-5-0-7-2.yml +++ /dev/null @@ -1,5 +0,0 @@ ---- -title: Upgrade Rails to 5.0.7.2 -merge_request: -author: -type: security -- cgit v1.2.3