From 3672b97aa33cbf61b88b192556656108b9910d6f Mon Sep 17 00:00:00 2001 
From: GitLab Release Tools Bot Date: Wed, 28 Aug 2019 18:38:34 +0000 Subject: Update CHANGELOG.md for 12.0.8 [ci skip] --- changelogs/unreleased/ce-60465-prevent-comments-on-private-mrs.yml | 3 --- .../unreleased/security-59549-add-capcha-for-failed-logins.yml | 5 ----- changelogs/unreleased/security-60551-fix-upload-scope-12-0.yml | 5 ----- changelogs/unreleased/security-61974-limit-issue-comment-size-2.yml | 5 ----- changelogs/unreleased/security-61974-limit-issue-comment-size.yml | 5 ----- changelogs/unreleased/security-64711-fix-commit-todos.yml | 5 ----- changelogs/unreleased/security-ci-metrics-permissions.yml | 6 ------ changelogs/unreleased/security-enable-image-proxy.yml | 5 ----- .../security-epic-notes-api-reveals-historical-info-ce-master.yml | 5 ----- changelogs/unreleased/security-exposed-default-branch.yml | 5 ----- .../security-fix-html-injection-for-label-description-ce-master.yml | 5 ----- changelogs/unreleased/security-fix-markdown-xss.yml | 5 ----- changelogs/unreleased/security-fix_jira_ssrf_vulnerability.yml | 5 ----- changelogs/unreleased/security-group-runners-permissions.yml | 5 ----- changelogs/unreleased/security-hide_merge_request_ids_on_emails.yml | 5 ----- .../security-id-filter-timeline-activities-for-guests.yml | 5 ----- changelogs/unreleased/security-katex-dos-12-0.yml | 5 ----- changelogs/unreleased/security-mr-head-pipeline-leak.yml | 5 ----- changelogs/unreleased/security-personal-snippets.yml | 5 ----- changelogs/unreleased/security-project-import-bypass.yml | 5 ----- .../unreleased/security-sarcila-fix-weak-session-management.yml | 6 ------ changelogs/unreleased/security-ssrf-kubernetes-dns.yml | 5 ----- 22 files changed, 110 deletions(-) delete mode 100644 changelogs/unreleased/ce-60465-prevent-comments-on-private-mrs.yml delete mode 100644 changelogs/unreleased/security-59549-add-capcha-for-failed-logins.yml delete mode 100644 changelogs/unreleased/security-60551-fix-upload-scope-12-0.yml delete mode 100644 
changelogs/unreleased/security-61974-limit-issue-comment-size-2.yml delete mode 100644 changelogs/unreleased/security-61974-limit-issue-comment-size.yml delete mode 100644 changelogs/unreleased/security-64711-fix-commit-todos.yml delete mode 100644 changelogs/unreleased/security-ci-metrics-permissions.yml delete mode 100644 changelogs/unreleased/security-enable-image-proxy.yml delete mode 100644 changelogs/unreleased/security-epic-notes-api-reveals-historical-info-ce-master.yml delete mode 100644 changelogs/unreleased/security-exposed-default-branch.yml delete mode 100644 changelogs/unreleased/security-fix-html-injection-for-label-description-ce-master.yml delete mode 100644 changelogs/unreleased/security-fix-markdown-xss.yml delete mode 100644 changelogs/unreleased/security-fix_jira_ssrf_vulnerability.yml delete mode 100644 changelogs/unreleased/security-group-runners-permissions.yml delete mode 100644 changelogs/unreleased/security-hide_merge_request_ids_on_emails.yml delete mode 100644 changelogs/unreleased/security-id-filter-timeline-activities-for-guests.yml delete mode 100644 changelogs/unreleased/security-katex-dos-12-0.yml delete mode 100644 changelogs/unreleased/security-mr-head-pipeline-leak.yml delete mode 100644 changelogs/unreleased/security-personal-snippets.yml delete mode 100644 changelogs/unreleased/security-project-import-bypass.yml delete mode 100644 changelogs/unreleased/security-sarcila-fix-weak-session-management.yml delete mode 100644 changelogs/unreleased/security-ssrf-kubernetes-dns.yml (limited to 'changelogs/unreleased')
diff --git a/changelogs/unreleased/ce-60465-prevent-comments-on-private-mrs.yml b/changelogs/unreleased/ce-60465-prevent-comments-on-private-mrs.yml
deleted file mode 100644
index ba970162447..00000000000
--- a/changelogs/unreleased/ce-60465-prevent-comments-on-private-mrs.yml
+++ /dev/null
@@ -1,3 +0,0 @@
----
-title: Ensure only authorised users can create notes on Merge Requests and Issues
-type: security
diff --git a/changelogs/unreleased/security-59549-add-capcha-for-failed-logins.yml b/changelogs/unreleased/security-59549-add-capcha-for-failed-logins.yml
deleted file mode 100644
index 55f9e36c39c..00000000000
--- a/changelogs/unreleased/security-59549-add-capcha-for-failed-logins.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Add :login_recaptcha_protection_enabled setting to prevent bots from brute-force attacks.
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-60551-fix-upload-scope-12-0.yml b/changelogs/unreleased/security-60551-fix-upload-scope-12-0.yml
deleted file mode 100644
index 7d7096833a7..00000000000
--- a/changelogs/unreleased/security-60551-fix-upload-scope-12-0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Queries for Upload should be scoped by model
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-61974-limit-issue-comment-size-2.yml b/changelogs/unreleased/security-61974-limit-issue-comment-size-2.yml
deleted file mode 100644
index 962171dc6f8..00000000000
--- a/changelogs/unreleased/security-61974-limit-issue-comment-size-2.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Speed up regexp in namespace format by failing fast after reaching maximum namespace depth
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-61974-limit-issue-comment-size.yml b/changelogs/unreleased/security-61974-limit-issue-comment-size.yml
deleted file mode 100644
index 6d5ef057d83..00000000000
--- a/changelogs/unreleased/security-61974-limit-issue-comment-size.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Limit the size of issuable description and comments
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-64711-fix-commit-todos.yml b/changelogs/unreleased/security-64711-fix-commit-todos.yml
deleted file mode 100644
index ce4b3cdeeaf..00000000000
--- a/changelogs/unreleased/security-64711-fix-commit-todos.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Send TODOs for comments on commits correctly
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-ci-metrics-permissions.yml b/changelogs/unreleased/security-ci-metrics-permissions.yml
deleted file mode 100644
index 51c6493442a..00000000000
--- a/changelogs/unreleased/security-ci-metrics-permissions.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Restrict MergeRequests#test_reports to authenticated users with read-access
- on Builds
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-enable-image-proxy.yml b/changelogs/unreleased/security-enable-image-proxy.yml
deleted file mode 100644
index 88b49ffd9e8..00000000000
--- a/changelogs/unreleased/security-enable-image-proxy.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Added image proxy to mitigate potential stealing of IP addresses
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-epic-notes-api-reveals-historical-info-ce-master.yml b/changelogs/unreleased/security-epic-notes-api-reveals-historical-info-ce-master.yml
deleted file mode 100644
index c639098721e..00000000000
--- a/changelogs/unreleased/security-epic-notes-api-reveals-historical-info-ce-master.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Filter out old system notes for epics in notes api endpoint response
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-exposed-default-branch.yml b/changelogs/unreleased/security-exposed-default-branch.yml
deleted file mode 100644
index bf32617ee8a..00000000000
--- a/changelogs/unreleased/security-exposed-default-branch.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Avoid exposing unaccessible repo data upon GFM post processing
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-fix-html-injection-for-label-description-ce-master.yml b/changelogs/unreleased/security-fix-html-injection-for-label-description-ce-master.yml
deleted file mode 100644
index 07124ac399b..00000000000
--- a/changelogs/unreleased/security-fix-html-injection-for-label-description-ce-master.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix HTML injection for label description
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-fix-markdown-xss.yml b/changelogs/unreleased/security-fix-markdown-xss.yml
deleted file mode 100644
index 7ef19f13fd5..00000000000
--- a/changelogs/unreleased/security-fix-markdown-xss.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Make sure HTML text is always escaped when replacing label/milestone references.
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-fix_jira_ssrf_vulnerability.yml b/changelogs/unreleased/security-fix_jira_ssrf_vulnerability.yml
deleted file mode 100644
index 25518dd2d05..00000000000
--- a/changelogs/unreleased/security-fix_jira_ssrf_vulnerability.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Prevent DNS rebind on JIRA service integration
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-group-runners-permissions.yml b/changelogs/unreleased/security-group-runners-permissions.yml
deleted file mode 100644
index 6c74be30b6d..00000000000
--- a/changelogs/unreleased/security-group-runners-permissions.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Use admin_group authorization in Groups::RunnersController
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-hide_merge_request_ids_on_emails.yml b/changelogs/unreleased/security-hide_merge_request_ids_on_emails.yml
deleted file mode 100644
index cd8c9590a70..00000000000
--- a/changelogs/unreleased/security-hide_merge_request_ids_on_emails.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Prevent disclosure of merge request ID via email
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-id-filter-timeline-activities-for-guests.yml b/changelogs/unreleased/security-id-filter-timeline-activities-for-guests.yml
deleted file mode 100644
index 0fa5f89e2c0..00000000000
--- a/changelogs/unreleased/security-id-filter-timeline-activities-for-guests.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Show cross-referenced MR-id in issues' activities only to authorized users
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-katex-dos-12-0.yml b/changelogs/unreleased/security-katex-dos-12-0.yml
deleted file mode 100644
index df803a5eafd..00000000000
--- a/changelogs/unreleased/security-katex-dos-12-0.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Enforce max chars and max render time in markdown math
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-mr-head-pipeline-leak.yml b/changelogs/unreleased/security-mr-head-pipeline-leak.yml
deleted file mode 100644
index b15b353ff41..00000000000
--- a/changelogs/unreleased/security-mr-head-pipeline-leak.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Check permissions before responding in MergeController#pipeline_status
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-personal-snippets.yml b/changelogs/unreleased/security-personal-snippets.yml
deleted file mode 100644
index 95f61993b98..00000000000
--- a/changelogs/unreleased/security-personal-snippets.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Remove EXIF from users/personal snippet uploads.
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-project-import-bypass.yml b/changelogs/unreleased/security-project-import-bypass.yml
deleted file mode 100644
index fc7b823509c..00000000000
--- a/changelogs/unreleased/security-project-import-bypass.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix project import restricted visibility bypass via API
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-sarcila-fix-weak-session-management.yml b/changelogs/unreleased/security-sarcila-fix-weak-session-management.yml
deleted file mode 100644
index a37a3099519..00000000000
--- a/changelogs/unreleased/security-sarcila-fix-weak-session-management.yml
+++ /dev/null
@@ -1,6 +0,0 @@
----
-title: Fix weak session management by clearing password reset tokens after login (username/email)
- are updated
-merge_request:
-author:
-type: security
diff --git a/changelogs/unreleased/security-ssrf-kubernetes-dns.yml b/changelogs/unreleased/security-ssrf-kubernetes-dns.yml
deleted file mode 100644
index 4d6335e4b08..00000000000
--- a/changelogs/unreleased/security-ssrf-kubernetes-dns.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Fix SSRF via DNS rebinding in Kubernetes Integration
-merge_request:
-author:
-type: security
-- cgit v1.2.3