Update CHANGELOG.md for 11.10.8

[ci skip]

Update CHANGELOG.md for 11.10.8
[ci skip]
fb224a18 · GitLab Release Tools Bot · a400aa46 · fb224a18 · a400aa46
Commit fb224a18 authored Jun 27, 2019 by GitLab Release Tools Bot
Show whitespace changes
Inline Side-by-side

Showing with 19 additions and 5 deletions

CHANGELOG.md CHANGELOG.md +19 -0

changelogs/unreleased/sh-service-template-bug.yml changelogs/unreleased/sh-service-template-bug.yml +0 -5

No files found.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -564,6 +564,25 @@ entry.
 - Creates a vendors folder for external CSS.


+## 11.10.8 (2019-06-27)
+
+### Security (9 changes)
+
+- Add missing authorizations in GraphQL.
+- Fix DoS vulnerability in color validation regex.
+- Expose merge requests count based on user access.
+- Fix Denial of Service for comments when rendering issues/MR comments.
+- Persist tmp snippet uploads at users.
+- Prevent Billion Laughs attack.
+- Correctly check permissions when creating snippet notes.
+- Prevent the detection of merge request templates by unauthorized users.
+- Disable Rails SQL query cache when applying service templates.
+
+### Performance (1 change)
+
+- Add improvements to global search of issues and merge requests. !27817
+
+
 ## 11.10.7 (2019-06-26)

 ### Fixed (3 changes)

--- a/changelogs/unreleased/sh-service-template-bug.yml
+++ b/changelogs/unreleased/sh-service-template-bug.yml
---
-title: Disable Rails SQL query cache when applying service templates
-merge_request: 30060
-author:
-type: fixed