Skip to content
Snippets Groups Projects
Commit b475ac65 authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot
Browse files

Update CHANGELOG.md for 12.4.4 

[ci skip]
parent 8539ed88
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 15 additions and 46 deletions
CHANGELOG.md
+ 15
0
View file @ b475ac65
@@ -2,6 +2,21 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
 
## 12.4.4
### Security (9 changes)
- Check permissions before showing a forked project's source.
- Encrypt application setting tokens.
- Update Workhorse and Gitaly to fix a security issue.
- Hide commit counts from guest users in Cycle Analytics.
- Limit potential for DNS rebind SSRF in chat notifications.
- Fix 500 error caused by invalid byte sequences in links.
- Ensure are cleaned by ImportExport::AttributeCleaner.
- Remove notes regarding Related Branches from Issue activity feeds for guest users.
- Escape namespace in label references to prevent XSS.
## 12.4.3
 
### Fixed (2 changes)
changelogs/unreleased/security-28802-respect-fork-parent-visibility-ee.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Check permissions before showing a forked project's source
merge_request:
author:
type: security
changelogs/unreleased/security-2943-encrypt-plaintext-tokens.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Encrypt application setting tokens
merge_request:
author:
type: security
changelogs/unreleased/security-29660-update-dependencies-12-4.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Update Workhorse and Gitaly to fix a security issue
merge_request:
author:
type: security
changelogs/unreleased/security-ag-cycle-analytics-guest-permissions.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Hide commit counts from guest users in Cycle Analytics.
merge_request:
author:
type: security
changelogs/unreleased/security-dns-rebind-ssrf-in-slack-notifications.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Limit potential for DNS rebind SSRF in chat notifications
merge_request:
author:
type: security
changelogs/unreleased/security-dos-issue-and-commit-comments-master.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Fix 500 error caused by invalid byte sequences in links
merge_request:
author:
type: security
changelogs/unreleased/security-exclude_ids_attribute_cleaning.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Ensure are cleaned by ImportExport::AttributeCleaner
merge_request:
author:
type: security
changelogs/unreleased/security-filter-related-branches-from-activity-feed.yml deleted 100644 → 0
+ 0
6
View file @ 8539ed88
---
title: Remove notes regarding Related Branches from Issue activity feeds for guest
users
merge_request:
author:
type: security
changelogs/unreleased/security-fix-xss-in-label-namespace.yml deleted 100644 → 0
+ 0
5
View file @ 8539ed88
---
title: Escape namespace in label references to prevent XSS
merge_request:
author:
type: security
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment