From 42d13aebd3c47671337d871e8b349385dade5252 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 28 Apr 2021 15:09:35 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 CHANGELOG.md | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

(limited to 'CHANGELOG.md')

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 096a598100e..f272dd674ac 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,17 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.
 
+## 13.11.2 (2021-04-27)
+
+### Security (5 changes)
+
+- Prevent tokens with only read_api scope from executing mutations.
+- Do not allow deploy tokens in the dependency proxy authentication service.
+- Disable keyset pagination for branches by default.
+- Bump Carrierwave gem to v1.3.2.
+- Restrict setting system_note_timestamp to owners.
+
+
 ## 13.11.1 (2021-04-22)
 
 ### Changed (1 change)
@@ -819,6 +830,18 @@ entry.
 - Externalize strings in labels/new.html.haml. (nuwe1)
 
 
+## 13.10.4 (2021-04-27)
+
+### Security (6 changes)
+
+- Prevent tokens with only read_api scope from executing mutations.
+- Update mermaid to version 8.9.2.
+- Do not allow deploy tokens in the dependency proxy authentication service.
+- Disable keyset pagination for branches by default.
+- Bump Carrierwave gem to v1.3.2.
+- Restrict setting system_note_timestamp to owners.
+
+
 ## 13.10.3 (2021-04-13)
 
 ### Security (3 changes)
@@ -1388,6 +1411,18 @@ entry.
 - Convert mattermost alert to pajamas. !56556
 
 
+## 13.9.7 (2021-04-27)
+
+### Security (6 changes)
+
+- Prevent tokens with only read_api scope from executing mutations.
+- Update mermaid to version 8.9.2.
+- Do not allow deploy tokens in the dependency proxy authentication service.
+- Disable keyset pagination for branches by default.
+- Bump Carrierwave gem to v1.3.2.
+- Restrict setting system_note_timestamp to owners.
+
+
 ## 13.9.6 (2021-04-13)
 
 ### Security (2 changes)
-- 
cgit v1.2.3