Skip to content

G
gitlab-ce
Commit e5531c8c authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot
Browse files
Options

Update CHANGELOG.md for 13.1.6 

[ci skip]
parent 8d5d3233
Hide whitespace changes
Inline Side-by-side
Showing with 17 additions and 5 deletions
CHANGELOG.md
View file @ e5531c8c
......@@ -1047,6 +1047,23 @@ entry.
- Remove removeIssue logic from list model. (nuwe1)
## 13.1.6 (2020-08-05)
### Security (11 changes)
- Add decompressed archive size validation on Project/Group Import. !562
- Enforce 2FA on Doorkeeper controllers.
- Refresh project authorizations when transferring groups.
- Stop excess logs from failure to send invite email when group no longer exists.
- Verify confirmed email for OAuth Authorize POST endpoint.
- Revoke OAuth grants when a user revokes an application.
- Fix XSS in Markdown reference tooltips.
- Fix XSS in milestone tooltips.
- Fix xss vulnerability on jobs view.
- Block 40-character hexadecimal branches.
- Update GitLab Runner Helm Chart to 0.17.2.
## 13.1.5 (2020-07-23)
- No changes.
......
changelogs/unreleased/security-fix-import-decompr-issue.yml deleted 100644 → 0
View file @ 8d5d3233
---
title: Add decompressed archive size validation on Project/Group Import
merge_request: 562
author:
type: security
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7