Merge branch 'winh-merge-dev-ee-docs' into 'master'

Resolve merge conflicts with dev.gitlab.org/master after security release (EE port) See merge request gitlab-org/gitlab-ee!3707

Merge branch 'winh-merge-dev-ee-docs' into 'master'
Resolve merge conflicts with dev.gitlab.org/master after security release (EE port) See merge request gitlab-org/gitlab-ee!3707
c50a6435 · Winnie Hellmann · 54045892 · 2ecad9fe · c50a6435 · c50a6435
Commit c50a6435 authored Dec 11, 2017 by Winnie Hellmann
Hide whitespace changes
Inline Side-by-side

Showing with 36 additions and 2 deletions

CHANGELOG-EE.md CHANGELOG-EE.md +12 -0

CHANGELOG.md CHANGELOG.md +24 -2

No files found.
--- a/CHANGELOG-EE.md
+++ b/CHANGELOG-EE.md
 Please view this file on the master branch, on stable branches it's out of date.

+## 10.2.4 (2017-12-07)
+
+- No changes.
+
 ## 10.2.3 (2017-11-30)

 ### Fixed (5 changes)
@@ -93,6 +97,10 @@ Please view this file on the master branch, on stable branches it's out of date.
 - Enhance the documentation for gitlab-ctl replicate-geo-database. !3268


+## 10.1.5 (2017-12-07)
+
+- No changes.
+
 ## 10.1.4 (2017-11-14)

 - No changes.
@@ -147,6 +155,10 @@ Please view this file on the master branch, on stable branches it's out of date.
 - [OTHER] Add partial index on push_rules.is_sample.
 - Add new push rule to reject unsigned commits. !2913

+## 10.0.7 (2017-12-07)
+
+- No changes.
+
 ## 10.0.5 (2017-11-03)

 - [FIXED] Find stuck scheduled import jobs and also mark them as failed. !3055

--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,9 +2,9 @@
 documentation](doc/development/changelog.md) for instructions on adding your own
 entry.

-## 10.2.4 (2017-12-08)
+## 10.2.4 (2017-12-07)

-### Security (4 changes)
+### Security (5 changes)

 - Fix e-mail address disclosure through member search fields
 - Prevent creating issues through API when user does not have permissions
@@ -248,6 +248,17 @@ entry.
 - Add Gitaly metrics to the performance bar.


+## 10.1.5 (2017-12-07)
+
+### Security (5 changes)
+
+- Fix e-mail address disclosure through member search fields
+- Prevent creating issues through API when user does not have permissions
+- Prevent an information disclosure in the Groups API
+- Fix user without access to private Wiki being able to see it on the project page
+- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment
+
+
 ## 10.1.4 (2017-11-14)

 ### Fixed (4 changes)
@@ -496,6 +507,17 @@ entry.
 - creation of keys moved to services. !13331 (haseebeqx)
 - Add username as GL_USERNAME in hooks.

+## 10.0.7 (2017-12-07)
+
+### Security (5 changes)
+
+- Fix e-mail address disclosure through member search fields
+- Prevent creating issues through API when user does not have permissions
+- Prevent an information disclosure in the Groups API
+- Fix user without access to private Wiki being able to see it on the project page
+- Fix Cross-Site Scripting (XSS) vulnerability while editing a comment
+
+
 ## 10.0.5 (2017-11-03)

 - [FIXED] Fix incorrect X-axis labels in Prometheus graphs. !14258