GitLab wurde aktualisiert. Dank regelmäßiger Updates bleibt das THM GitLab sicher und Sie profitieren von den neuesten Funktionen. Vielen Dank für Ihre Geduld.

Commit 177dc714 authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot
Browse files

Update CHANGELOG.md for 11.10.5

[ci skip]
parent 5f1aaa8b
......@@ -2,6 +2,24 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 11.10.5 (2019-05-30)
### Security (12 changes, 1 of them is from the community)
- Protect Gitlab::HTTP against DNS rebinding attack.
- Fix project visibility level validation. (Peter Marko)
- Update Knative version.
- Add DNS rebinding protection settings.
- Prevent XSS injection in note imports.
- Prevent invalid branch for merge request.
- Filter relative links in wiki for XSS.
- Fix confidential issue label disclosure on milestone view.
- Fix url redaction for issue links.
- Resolve: Milestones leaked via search API.
- Prevent bypass of restriction disabling web password sign in.
- Hide confidential issue title on unsubscribe for anonymous users.
## 11.10.4 (2019-05-01)
### Fixed (12 changes)
......
---
title: Protect Gitlab::HTTP against DNS rebinding attack
merge_request:
author:
type: security
---
title: Fix project visibility level validation
merge_request:
author: Peter Marko
type: security
---
title: Update Knative version
merge_request:
author:
type: security
---
title: Add DNS rebinding protection settings
merge_request:
author:
type: security
---
title: Prevent XSS injection in note imports
merge_request:
author:
type: security
---
title: Prevent invalid branch for merge request
merge_request:
author:
type: security
---
title: Filter relative links in wiki for XSS
merge_request:
author:
type: security
---
title: Fix confidential issue label disclosure on milestone view
merge_request:
author:
type: security
---
title: Fix url redaction for issue links
merge_request:
author:
type: security
---
title: 'Resolve: Milestones leaked via search API'
merge_request:
author:
type: security
---
title: Prevent bypass of restriction disabling web password sign in
merge_request:
author:
type: security
---
title: Hide confidential issue title on unsubscribe for anonymous users
merge_request:
author:
type: security
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment