Commit 9df1f13e authored by DJ Mountney's avatar DJ Mountney

Update CHANGELOG.md for 8.17.5

[ci skip]
parent 1c500992
...@@ -2,6 +2,14 @@ ...@@ -2,6 +2,14 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 8.17.5 (2017-04-05)
- Don’t show source project name when user does not have access.
- Remove the class attribute from the whitelist for HTML generated from Markdown.
- Fix path disclosure in project import/export.
- Fix for open redirect vulnerability using continue[to] in URL when requesting project import status.
- Fix for open redirect vulnerabilities in todos, issues, and MR controllers.
## 8.17.4 (2017-03-19) ## 8.17.4 (2017-03-19)
- Only show public emails in atom feeds. - Only show public emails in atom feeds.
......
---
title: Don’t show source project name when user does not have access
merge_request:
author:
---
title: Remove the class attribute from the whitelist for HTML generated from Markdown.
merge_request:
author:
---
title: Fix path disclosure in project import/export
merge_request:
author:
---
title: Fix for open redirect vulnerability using continue[to] in URL when requesting project import status.
merge_request:
author:
---
title: Fix for open redirect vulnerabilities in todos, issues, and MR controllers.
merge_request:
author:
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment