Skip to content
Snippets Groups Projects
Commit 16855c8b authored by Oswaldo Ferreir's avatar Oswaldo Ferreir
Browse files

Update CHANGELOG.md for 10.2.6 

[ci skip]
parent f284097d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 15 additions and 0 deletions
CHANGELOG.md
+ 15
0
View file @ 16855c8b
@@ -193,6 +193,21 @@ entry.
- Clean up schema of the "merge_requests" table.
 
 
## 10.2.6 (2018-01-11)
### Security (9 changes, 1 of them is from the community)
- Fix writable shared deploy keys.
- Filter out sensitive fields from the project services API. (Robert Schilling)
- Fix RCE via project import mechanism.
- Fixed IPython notebook output not being sanitized.
- Prevent OAuth login POST requests when a provider has been disabled.
- Prevent a SQL injection in the MilestonesFinder.
- Check user authorization for source and target projects when creating a merge request.
- Fix path traversal in gitlab-ci.yml cache:key.
- Fix XSS vulnerability in pipeline job trace.
## 10.2.5 (2017-12-15)
 
### Fixed (8 changes)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment