Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
16855c8b
Commit
16855c8b
authored
Jan 11, 2018
by
Oswaldo Ferreira
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update CHANGELOG.md for 10.2.6
[ci skip]
parent
f284097d
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
15 additions
and
0 deletions
+15
-0
CHANGELOG.md
CHANGELOG.md
+15
-0
No files found.
CHANGELOG.md
View file @
16855c8b
...
@@ -193,6 +193,21 @@ entry.
...
@@ -193,6 +193,21 @@ entry.
-
Clean up schema of the "merge_requests" table.
-
Clean up schema of the "merge_requests" table.
## 10.2.6 (2018-01-11)
### Security (9 changes, 1 of them is from the community)
-
Fix writable shared deploy keys.
-
Filter out sensitive fields from the project services API. (Robert Schilling)
-
Fix RCE via project import mechanism.
-
Fixed IPython notebook output not being sanitized.
-
Prevent OAuth login POST requests when a provider has been disabled.
-
Prevent a SQL injection in the MilestonesFinder.
-
Check user authorization for source and target projects when creating a merge request.
-
Fix path traversal in gitlab-ci.yml cache:key.
-
Fix XSS vulnerability in pipeline job trace.
## 10.2.5 (2017-12-15)
## 10.2.5 (2017-12-15)
### Fixed (8 changes)
### Fixed (8 changes)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment