summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGitLab Release Tools Bot <robert+release-tools@gitlab.com>2018-08-27 12:03:12 +0000
committerGitLab Release Tools Bot <robert+release-tools@gitlab.com>2018-08-27 12:03:12 +0000
commitd1aef1f14deb6663589034d7b66ea1a60ee1e4a8 (patch)
tree8d59b64beb6a30c57472894e0eb304d7f2af35c3
parentd95680bc6055382d4902e664d7db30d41c234da8 (diff)
downloadgitlab-ce-d1aef1f14deb6663589034d7b66ea1a60ee1e4a8.tar.gz
Update CHANGELOG.md for 11.2.2
[ci skip]
Diffstat
-rw-r--r--CHANGELOG.md9
-rw-r--r--changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml5
2 files changed, 9 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 256dd913435..b9a2fca9ce5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,15 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
+## 11.2.2 (2018-08-27)
+
+### Security (3 changes)
+
+- Fixed persistent XSS rendering/escaping of diff location lines.
+- Adding CSRF protection to Hooks resend action.
+- Block link-local addresses in URLBlocker.
+
+
## 11.2.1 (2018-08-22)
### Fixed (2 changes)
diff --git a/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml b/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml
deleted file mode 100644
index 018acb9c5af..00000000000
--- a/changelogs/unreleased/security-fj-missing-csrf-system-hooks-resend.yml
+++ /dev/null
@@ -1,5 +0,0 @@
----
-title: Adding CSRF protection to Hooks resend action
-merge_request:
-author:
-type: security
View Lorry Controller Status