Skip to content
Snippets Groups Projects
Commit e0dd779e authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot
Browse files

Update CHANGELOG.md for 13.8.4-ee 

[ci skip]
parent a50d2bfa
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 15 additions and 45 deletions
CHANGELOG.md
+ 15
0
View file @ e0dd779e
@@ -2,6 +2,21 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
 
## 13.8.4 (2021-02-11)
### Security (9 changes)
- Cancel running and pending jobs when a project is deleted. !1220
- Prevent Denial of Service Attack on gitlab-shell.
- Prevent exposure of confidential issue titles in file browser.
- Updates authorization for linting API.
- Check user access on API merge request read actions.
- Limit daily invitations to groups and projects.
- Enforce the analytics enabled project setting for project-level analytics features.
- Perform SSL verification for FortiTokenCloud Integration.
- Prevent Server-side Request Forgery for Prometheus when secured by Google IAP.
## 13.8.3 (2021-02-05)
 
### Fixed (2 changes)
changelogs/unreleased/security-cancel-pipelines-for-deleted-project.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Cancel running and pending jobs when a project is deleted
merge_request: 1220
author:
type: security
changelogs/unreleased/security-check-user-access-on-api-mr-read-actions-master.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Check user access on API merge request read actions
merge_request:
author:
type: security
changelogs/unreleased/security-confidential-titles.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Prevent exposure of confidential issue titles in file browser
merge_request:
author:
type: security
changelogs/unreleased/security-fix-unauthenticated-lint.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Updates authorization for linting API
merge_request:
author:
type: security
changelogs/unreleased/security-limit-fscanl.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Prevent Denial of Service Attack on gitlab-shell
merge_request:
author:
type: security
changelogs/unreleased/security-limit-invitations.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Limit daily invitations to groups and projects
merge_request:
author:
type: security
changelogs/unreleased/security-respect-analytics-enabled-rule-for-project-level-analytics-featu.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Enforce the analytics enabled project setting for project-level analytics features
merge_request:
author:
type: security
changelogs/unreleased/security-ssl-verification-ftc.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Perform SSL verification for FortiTokenCloud Integration
merge_request:
author:
type: security
changelogs/unreleased/security-ssrf-prometheus-iap.yml deleted 100644 → 0
+ 0
5
View file @ a50d2bfa
---
title: Prevent Server-side Request Forgery for Prometheus when secured by Google IAP
merge_request:
author:
type: security
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment