Commit d9f40fdd authored by Winnie Hellmann's avatar Winnie Hellmann

Merge branch 'winh-merge-dev-docs' into 'master'

Resolve merge conflicts with dev.gitlab.org/master after security release

See merge request gitlab-org/gitlab-ce!15851
parents 3daa7331 40d404a6
...@@ -2,9 +2,9 @@ ...@@ -2,9 +2,9 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 10.2.4 (2017-12-08) ## 10.2.4 (2017-12-07)
### Security (4 changes) ### Security (5 changes)
- Fix e-mail address disclosure through member search fields - Fix e-mail address disclosure through member search fields
- Prevent creating issues through API when user does not have permissions - Prevent creating issues through API when user does not have permissions
...@@ -248,6 +248,17 @@ entry. ...@@ -248,6 +248,17 @@ entry.
- Add Gitaly metrics to the performance bar. - Add Gitaly metrics to the performance bar.
## 10.1.5 (2017-12-07)
### Security (5 changes)
- Fix e-mail address disclosure through member search fields
- Prevent creating issues through API when user does not have permissions
- Prevent an information disclosure in the Groups API
- Fix user without access to private Wiki being able to see it on the project page
- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment
## 10.1.4 (2017-11-14) ## 10.1.4 (2017-11-14)
### Fixed (4 changes) ### Fixed (4 changes)
...@@ -496,6 +507,17 @@ entry. ...@@ -496,6 +507,17 @@ entry.
- creation of keys moved to services. !13331 (haseebeqx) - creation of keys moved to services. !13331 (haseebeqx)
- Add username as GL_USERNAME in hooks. - Add username as GL_USERNAME in hooks.
## 10.0.7 (2017-12-07)
### Security (5 changes)
- Fix e-mail address disclosure through member search fields
- Prevent creating issues through API when user does not have permissions
- Prevent an information disclosure in the Groups API
- Fix user without access to private Wiki being able to see it on the project page
- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment
## 10.0.5 (2017-11-03) ## 10.0.5 (2017-11-03)
- [FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258 - [FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment