Skip to content
Snippets Groups Projects
Commit e96b1961 authored by Alessio Caiazza's avatar Alessio Caiazza
Browse files

Update CHANGELOG.md for 10.8.5 

[ci skip]
parent 45f6bacd
No related branches found
No related tags found
1 merge request!10495Merge Requests - Assignee
Hide whitespace changes
Inline Side-by-side
Showing
with 11 additions and 0 deletions
CHANGELOG.md
+ 11
0
View file @ e96b1961
@@ -253,6 +253,17 @@ entry.
- Workhorse to send raw diff and patch for commits.
 
 
## 10.8.5 (2018-06-21)
### Security (5 changes)
- Fix XSS vulnerability for table of content generation.
- Update sanitize gem to 4.6.5 to fix HTML injection vulnerability.
- HTML escape branch name in project graphs page.
- HTML escape the name of the user in ProjectsHelper#link_to_member.
- Don't show events from internal projects for anonymous users in public feed.
## 10.8.4 (2018-06-06)
 
- No changes.
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment