Update CHANGELOG.md for 13.4.7-ee

[ci skip]

Update CHANGELOG.md for 13.4.7-ee
[ci skip]
d0606973 · GitLab Release Tools Bot · b768a9ea · d0606973
Commit d0606973 authored Dec 07, 2020 by GitLab Release Tools Bot
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 0 deletions

CHANGELOG.md CHANGELOG.md +16 -0

No files found.
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1180,6 +1180,22 @@ entry.
 - Bump cluster applications CI template. !45472


+## 13.4.7 (2020-12-07)
+
+### Security (10 changes)
+
+- Validate zoom links to start with https only. !1055
+- Require at least 3 characters when searching for project in the Explore page.
+- Do not show emails of users in confirmation page.
+- Forbid setting a gitlabUserList strategy to a list from another project.
+- Fix mermaid resource consumption in GFM fields.
+- Ensure group and project memberships are not leaked via API for users with private profiles.
+- GraphQL User: do not expose email if set to private.
+- Filter search parameter to prevent data leaks.
+- Do not expose starred projects of users with private profile via API.
+- Do not show starred & contributed projects of users with private profile.
+
+
 ## 13.4.6 (2020-11-03)

 ### Fixed (1 change)