summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJohn Skarbek <jskarbek@gitlab.com>2019-08-09 14:12:00 +0000
committerJohn Skarbek <jskarbek@gitlab.com>2019-08-09 14:12:00 +0000
commitffa954c9008765310b0ec9149aa1f12208100eab (patch)
tree67479e7edb780f7afcf031102b1f3776c3ee7c17
parent71d8815405b09046b2e4bcf0ea0a732d21c87e2a (diff)
parent2fe060a24080a1435d8ce2a75c025f91def92f82 (diff)
downloadgitlab-ce-ffa954c9008765310b0ec9149aa1f12208100eab.tar.gz
Merge branch 'security-pages-api-token-recovery' into 'master'
Fix gitlab api token recovery See merge request gitlab/gitlabhq!3286
-rw-r--r--GITLAB_PAGES_VERSION2
-rw-r--r--changelogs/unreleased/security-pages-api-token-recovery.yml5
2 files changed, 6 insertions, 1 deletions
diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION
index bd8bf882d06..943f9cbc4ec 100644
--- a/GITLAB_PAGES_VERSION
+++ b/GITLAB_PAGES_VERSION
@@ -1 +1 @@
-1.7.0
+1.7.1
diff --git a/changelogs/unreleased/security-pages-api-token-recovery.yml b/changelogs/unreleased/security-pages-api-token-recovery.yml
new file mode 100644
index 00000000000..b8193368360
--- /dev/null
+++ b/changelogs/unreleased/security-pages-api-token-recovery.yml
@@ -0,0 +1,5 @@
+---
+title: Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie
+merge_request:
+author:
+type: security