Update CHANGELOG.md for 11.9.12

[ci skip]
parent 35dfe85f
......@@ -478,6 +478,24 @@ entry.
- Removes EE differences for environment_item.vue.
## 11.9.12 (2019-05-30)
### Security (12 changes, 1 of them is from the community)
- Protect Gitlab::HTTP against DNS rebinding attack.
- Fix project visibility level validation. (Peter Marko)
- Update Knative version.
- Add DNS rebinding protection settings.
- Prevent XSS injection in note imports.
- Prevent invalid branch for merge request.
- Filter relative links in wiki for XSS.
- Fix confidential issue label disclosure on milestone view.
- Fix url redaction for issue links.
- Resolve: Milestones leaked via search API.
- Prevent bypass of restriction disabling web password sign in.
- Hide confidential issue title on unsubscribe for anonymous users.
## 11.9.10 (2019-04-26)
### Security (5 changes)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment