Skip to content
Snippets Groups Projects
Commit 25dfb834 authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot
Browse files

Update CHANGELOG.md for 13.8.5-ee 

[ci skip]
parent 0e64554f
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 12 additions and 0 deletions
CHANGELOG.md
+ 12
0
View file @ 25dfb834
@@ -600,6 +600,18 @@ entry.
- Apply new GitLab UI for buttons in pipeline schedules.
 
 
## 13.8.5 (2021-03-04)
### Security (6 changes)
- Fix XSS in wiki author email and name.
- Bump thrift gem to 0.14.0.
- Allow only owners to manage group variables.
- Do not store marshalled sessions ids in Redis.
- Workhorse: prevent escaped router path traversal.
- Fix XSS vulnerability for swagger file viewer.
## 13.8.4 (2021-02-11)
 
### Security (9 changes)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment