documentation](doc/development/changelog.md) for instructions on adding your own
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
entry.
## 13.12.6 (2021-07-01)
### Added (1 change)
-[Added omniauth_user check when verifying user cap](gitlab-org/security/gitlab@a61062501630c35820301e9f79a036219d1e3074)([merge request](gitlab-org/security/gitlab!1502)) **GitLab Enterprise Edition**
### Security (14 changes)
-[Bump rails gem version to 6.0.3.7](gitlab-org/security/gitlab@58d27ba819867baadf535e0d8d91d0cb818dc8b6)([merge request](gitlab-org/security/gitlab!1515))
-[Update rdoc to 6.3.1](gitlab-org/security/gitlab@ead11a6974576b0b1a974985493c75143e3bd575)([merge request](gitlab-org/security/gitlab!1534))
-[Add sanitizing for name field](gitlab-org/security/gitlab@2c5672eae4323c2682245485b327850e68e7e5b4)([merge request](gitlab-org/security/gitlab!1490))
-[Forbid GET requests with mutations](gitlab-org/security/gitlab@2b01d6dc310451fa3022f1865470ca004bbd4c33)([merge request](gitlab-org/security/gitlab!1529))
-[Copy feature visibility settings to a fork](gitlab-org/security/gitlab@5ee923ba64fb34fc38f831fc206a153d8f7eae91)([merge request](gitlab-org/security/gitlab!1523))
-[Avoid disclosing project in web IDE](gitlab-org/security/gitlab@759d1361e7f359d681c4f55ea2b6f7e1d0bb1e53)([merge request](gitlab-org/security/gitlab!1512))
-[Add new username validation](gitlab-org/security/gitlab@e79625541d04b0d6c94614f2afc6aaeb2ef40083)([merge request](gitlab-org/security/gitlab!1495))
-[Allow only same-origin URLs for Edit Release Cancel button](gitlab-org/security/gitlab@e5bda0a7e03978afee494616e2054b8650b61d3e)([merge request](gitlab-org/security/gitlab!1486))
-[Update Nokogiri to 1.11.4](gitlab-org/security/gitlab@d71973da1850df059b1ec1422d50bbccace21ff2)([merge request](gitlab-org/security/gitlab!1479))
-[Fix deploy key fallback issue in protected branch](gitlab-org/security/gitlab@0411bc45885e1122c06dbff084b48bf03d78c6a8)([merge request](gitlab-org/security/gitlab!1478))
-[Fix XSS on audit log for feature flag actions](gitlab-org/security/gitlab@22e2f903c821e54ce6d4b4b749a009d14abc4a13)([merge request](gitlab-org/security/gitlab!1474))
-[Sanitize input on pasteGFM](gitlab-org/security/gitlab@7dc511ebc2e77c3d22cd34ca87449f32120a5229)([merge request](gitlab-org/security/gitlab!1453))
-[Add total http read timeout](gitlab-org/security/gitlab@37c24c82d5dfa57fad03f265e7ba92f6ef250c30)([merge request](gitlab-org/security/gitlab!1427))
-[Fix merge request diff display issue with unsupported encoding](gitlab-org/security/gitlab@7d05892daa6aaf951b941628e2af41e17977b140)([merge request](gitlab-org/security/gitlab!1424))