Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
40d404a6
Commit
40d404a6
authored
Dec 11, 2017
by
Winnie Hellmann
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Resolve merge conflicts with dev.gitlab.org/master after security release
parent
3daa7331
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
24 additions
and
2 deletions
+24
-2
CHANGELOG.md
CHANGELOG.md
+24
-2
No files found.
CHANGELOG.md
View file @
40d404a6
...
@@ -2,9 +2,9 @@
...
@@ -2,9 +2,9 @@
documentation
](
doc/development/changelog.md
)
for instructions on adding your own
documentation
](
doc/development/changelog.md
)
for instructions on adding your own
entry.
entry.
## 10.2.4 (2017-12-0
8
)
## 10.2.4 (2017-12-0
7
)
### Security (
4
changes)
### Security (
5
changes)
-
Fix e-mail address disclosure through member search fields
-
Fix e-mail address disclosure through member search fields
-
Prevent creating issues through API when user does not have permissions
-
Prevent creating issues through API when user does not have permissions
...
@@ -248,6 +248,17 @@ entry.
...
@@ -248,6 +248,17 @@ entry.
-
Add Gitaly metrics to the performance bar.
-
Add Gitaly metrics to the performance bar.
## 10.1.5 (2017-12-07)
### Security (5 changes)
-
Fix e-mail address disclosure through member search fields
-
Prevent creating issues through API when user does not have permissions
-
Prevent an information disclosure in the Groups API
-
Fix user without access to private Wiki being able to see it on the project page
-
Fix Cross-Site Scripting (XSS) vulnerability while editing a comment
## 10.1.4 (2017-11-14)
## 10.1.4 (2017-11-14)
### Fixed (4 changes)
### Fixed (4 changes)
...
@@ -496,6 +507,17 @@ entry.
...
@@ -496,6 +507,17 @@ entry.
-
creation of keys moved to services. !13331 (haseebeqx)
-
creation of keys moved to services. !13331 (haseebeqx)
-
Add username as GL_USERNAME in hooks.
-
Add username as GL_USERNAME in hooks.
## 10.0.7 (2017-12-07)
### Security (5 changes)
-
Fix e-mail address disclosure through member search fields
-
Prevent creating issues through API when user does not have permissions
-
Prevent an information disclosure in the Groups API
-
Fix user without access to private Wiki being able to see it on the project page
-
Fix Cross-Site Scripting (XSS) vulnerability while editing a comment
## 10.0.5 (2017-11-03)
## 10.0.5 (2017-11-03)
-
[FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258
-
[FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment