Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
4a650a2b
Commit
4a650a2b
authored
Apr 30, 2020
by
GitLab Release Tools Bot
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update CHANGELOG.md for 12.10.2
[ci skip]
parent
20444f9b
Changes
9
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
14 additions
and
41 deletions
+14
-41
CHANGELOG.md
CHANGELOG.md
+14
-0
changelogs/unreleased/bug-codeowner-diffs.yml
changelogs/unreleased/bug-codeowner-diffs.yml
+0
-5
changelogs/unreleased/security-apply-codeowners-checks-to-web_ui.yml
...unreleased/security-apply-codeowners-checks-to-web_ui.yml
+0
-5
changelogs/unreleased/security-branch-permissions.yml
changelogs/unreleased/security-branch-permissions.yml
+0
-5
changelogs/unreleased/security-file-template-project.yml
changelogs/unreleased/security-file-template-project.yml
+0
-5
changelogs/unreleased/security-fix-CVE-2020-10187.yml
changelogs/unreleased/security-fix-CVE-2020-10187.yml
+0
-5
changelogs/unreleased/security-mask-gh-service-password.yml
changelogs/unreleased/security-mask-gh-service-password.yml
+0
-5
changelogs/unreleased/security-mirror-urls.yml
changelogs/unreleased/security-mirror-urls.yml
+0
-5
changelogs/unreleased/security-validate-use-propery-workhorse-rewritten-fields-for-multipart-up.yml
...e-propery-workhorse-rewritten-fields-for-multipart-up.yml
+0
-6
No files found.
CHANGELOG.md
View file @
4a650a2b
...
...
@@ -2,6 +2,20 @@
documentation
](
doc/development/changelog.md
)
for instructions on adding your own
entry.
## 12.10.2 (2020-04-30)
### Security (8 changes)
-
Ensure MR diff exists before codeowner check.
-
Apply CODEOWNERS validations to web requests.
-
Prevent unauthorized access to default branch.
-
Do not return private project ID without permission.
-
Fix doorkeeper CVE-2020-10187.
-
Change GitHub service integration token input to password.
-
Return only safe urls for mirrors.
-
Validate workhorse 'rewritten_fields' and properly use them during multipart uploads.
## 12.10.1 (2020-04-24)
### Fixed (5 changes)
...
...
changelogs/unreleased/bug-codeowner-diffs.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Ensure MR diff exists before codeowner check
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-apply-codeowners-checks-to-web_ui.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Apply CODEOWNERS validations to web requests
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-branch-permissions.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Prevent unauthorized access to default branch
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-file-template-project.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Do not return private project ID without permission
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-fix-CVE-2020-10187.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Fix doorkeeper CVE-2020-10187
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-mask-gh-service-password.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Change GitHub service integration token input to password
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-mirror-urls.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Return only safe urls for mirrors
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-validate-use-propery-workhorse-rewritten-fields-for-multipart-up.yml
deleted
100644 → 0
View file @
20444f9b
---
title
:
Validate workhorse 'rewritten_fields' and properly use them during multipart
uploads
merge_request
:
author
:
type
:
security
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment