Skip to content
Snippets Groups Projects
Commit dcca143e authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot
Browse files

Update CHANGELOG.md for 12.0.3 

[ci skip]
parent bb771fae
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 16 additions and 0 deletions
CHANGELOG.md
+ 16
0
View file @ dcca143e
@@ -2,6 +2,22 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
 
## 12.0.3 (2019-06-27)
### Security (10 changes)
- Persist tmp snippet uploads at users.
- Gate MR head_pipeline behind read_pipeline ability.
- Fix DoS vulnerability in color validation regex.
- Expose merge requests count based on user access.
- Fix Denial of Service for comments when rendering issues/MR comments.
- Add missing authorizations in GraphQL.
- Disable Rails SQL query cache when applying service templates.
- Prevent Billion Laughs attack.
- Correctly check permissions when creating snippet notes.
- Prevent the detection of merge request templates by unauthorized users.
## 12.0.2 (2019-06-25)
 
### Fixed (7 changes, 1 of them is from the community)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment