Skip to content

G
gitlab-ce
Commit f284097d authored by Oswaldo Ferreira's avatar Oswaldo Ferreira
Browse files
Options

Update CHANGELOG.md for 10.3.4 

[ci skip]
parent be623ef3
Hide whitespace changes
Inline Side-by-side
Showing with 13 additions and 0 deletions
CHANGELOG.md
View file @ f284097d
...@@ -2,6 +2,19 @@ ...@@ -2,6 +2,19 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 10.3.4 (2018-01-10)
### Security (7 changes, 1 of them is from the community)
- Prevent a SQL injection in the MilestonesFinder.
- Fix RCE via project import mechanism.
- Prevent OAuth login POST requests when a provider has been disabled.
- Filter out sensitive fields from the project services API. (Robert Schilling)
- Check user authorization for source and target projects when creating a merge request.
- Fix path traversal in gitlab-ci.yml cache:key.
- Fix writable shared deploy keys.
## 10.3.3 (2018-01-02) ## 10.3.3 (2018-01-02)
### Fixed (3 changes) ### Fixed (3 changes)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7