diff options
author | John T Skarbek <jskarbek@gitlab.com> | 2019-08-12 16:36:59 -0400 |
---|---|---|
committer | John T Skarbek <jskarbek@gitlab.com> | 2019-08-12 16:36:59 -0400 |
commit | 975763607443fad50e192411ad1da06ebb2ff532 (patch) | |
tree | 6d874a429894f7111cd19b8e421fd0c6d0ac0aac | |
parent | 71ec793214dd81701b5485aa10e20c9719cb0584 (diff) | |
parent | 5313f99818f6503d490d3efe8afa692aa4c4bd34 (diff) | |
download | gitlab-ce-975763607443fad50e192411ad1da06ebb2ff532.tar.gz |
Merge remote-tracking branch 'dev/master'
-rw-r--r-- | CHANGELOG.md | 20 | ||||
-rw-r--r-- | GITLAB_PAGES_VERSION | 2 |
2 files changed, 21 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 0752708d5e8..267a1caafec 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 12.1.5 + +### Security (2 changes) + +- Upgrade Gitaly to 1.53.2 to prevent revision flag injection exploits. +- Upgrade pages to 1.7.1 to prevent gitlab api token recovery from cookie. + + ## 12.1.4 ### Fixed (3 changes, 1 of them is from the community) @@ -330,6 +338,10 @@ entry. - Removes EE differences for app/views/admin/users/show.html.haml. +## 12.0.6 + +- No changes. + ## 12.0.3 (2019-06-27) - No changes. @@ -678,6 +690,14 @@ entry. - Moves snowplow to CE repo. +## 11.11.8 + +### Security (2 changes) + +- Upgrade Gitaly to 1.42.7 to prevent revision flag injection exploits. +- Upgrade pages to 1.5.1 to prevent gitlab api token recovery from cookie. + + ## 11.11.7 ### Security (9 changes) diff --git a/GITLAB_PAGES_VERSION b/GITLAB_PAGES_VERSION index bd8bf882d06..943f9cbc4ec 100644 --- a/GITLAB_PAGES_VERSION +++ b/GITLAB_PAGES_VERSION @@ -1 +1 @@ -1.7.0 +1.7.1 |