Commit 894d90c7 authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot

Update CHANGELOG.md for 11.9.3

[ci skip]
parent dd5ae73e
......@@ -2,6 +2,20 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 11.9.3 (2019-03-27)
### Security (8 changes)
- Disallow guest users from accessing Releases.
- Fix PDF.js vulnerability.
- Hide "related branches" when user does not have permission.
- Fix XSS in resolve conflicts form.
- Added rake task for removing EXIF data from existing uploads.
- Return cached languages if they've been detected before.
- Disallow updating namespace when updating a project.
- Use UntrustedRegexp for matching refs policy.
## 11.9.2 (2019-03-26)
- Unreleased due to QA failure.
......
---
title: Disallow guest users from accessing Releases
merge_request:
author:
type: security
---
title: Fix PDF.js vulnerability
merge_request:
author:
type: security
---
title: Hide "related branches" when user does not have permission
merge_request:
author:
type: security
---
title: Fix XSS in resolve conflicts form
merge_request:
author:
type: security
---
title: Added rake task for removing EXIF data from existing uploads.
merge_request:
author:
type: security
---
title: Return cached languages if they've been detected before
merge_request:
author:
type: security
---
title: Disallow updating namespace when updating a project
merge_request:
author:
type: security
---
title: Use UntrustedRegexp for matching refs policy
merge_request:
author:
type: security
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment