Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
2d03845a
Commit
2d03845a
authored
Oct 01, 2019
by
Marin Jankovski
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'master' of dev.gitlab.org:gitlab/gitlabhq
parents
1dd77c71
4542a994
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
12 additions
and
0 deletions
+12
-0
CHANGELOG.md
CHANGELOG.md
+7
-0
changelogs/unreleased/12-3-stable.yml
changelogs/unreleased/12-3-stable.yml
+5
-0
No files found.
CHANGELOG.md
View file @
2d03845a
...
@@ -636,12 +636,19 @@ entry.
...
@@ -636,12 +636,19 @@ entry.
## 12.1.12
## 12.1.12
<<<<<<< HEAD
### Security (11 changes)
=======
### Security (12 changes)
### Security (12 changes)
>>>>>>> master
-
Add a policy check for system notes that may not be visible due to cross references to private items.
-
Add a policy check for system notes that may not be visible due to cross references to private items.
-
Display only participants that user has permission to see on milestone page.
-
Display only participants that user has permission to see on milestone page.
-
Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
-
Do not disclose project milestones on group milestones page when project milestones access is disabled in project settings.
<<<<<<< HEAD
=======
-
Check permissions before showing head pipeline blocking merge requests.
-
Check permissions before showing head pipeline blocking merge requests.
>>>>>>> master
-
Fix new project path being disclosed through unsubscribe link of issue/merge requests.
-
Fix new project path being disclosed through unsubscribe link of issue/merge requests.
-
Prevent bypassing email verification using Salesforce.
-
Prevent bypassing email verification using Salesforce.
-
Do not show resource label events referencing not accessible labels.
-
Do not show resource label events referencing not accessible labels.
...
...
changelogs/unreleased/12-3-stable.yml
0 → 100644
View file @
2d03845a
---
title
:
Fix Gitaly SearchBlobs flag RPC injection
merge_request
:
author
:
type
:
security
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
