Commit 643958d4 authored by GitLab Bot's avatar GitLab Bot

Add latest changes from gitlab-org/security/gitlab@13-8-stable-ee

parent 85b355c3
......@@ -2,6 +2,17 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 13.8.2 (2021-02-01)
### Security (5 changes)
- Filter sensitive GraphQL variables from logs.
- Avoid exposing release links when the user cannot read git-tag/repository.
- Sanitize target branch on MR page.
- Fix DNS rebinding protection bypass when allowing an IP address in Outbound Requests setting.
- Add routes for unmatched url for not-get requests.
## 13.8.1 (2021-01-26)
### Fixed (3 changes)
......
13.8.1
\ No newline at end of file
13.8.2
\ No newline at end of file
---
title: Filter sensitive GraphQL variables from logs
merge_request:
author:
type: security
---
title: Avoid exposing release links when the user cannot read git-tag/repository
merge_request:
author:
type: security
---
title: Sanitize target branch on MR page
merge_request:
author:
type: security
---
title: Fix DNS rebinding protection bypass when allowing an IP address in Outbound Requests setting
merge_request:
author:
type: security
---
title: Add routes for unmatched url for not-get requests
merge_request:
author:
type: security
File mode changed from 100644 to 100755
File mode changed from 100644 to 100755
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment