From 35216e3e88ad0ef413926844dede4a57edfc9d01 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Tue, 14 Feb 2017 15:44:39 -0500 Subject: Update CHANGELOG.md for 8.16.5 [ci skip] --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 71d38e5453d..1a2b2d3d4c6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ documentation](doc/development/changelog.md) for instructions on adding your own entry. +## 8.16.5 (2017-02-14) + +- Patch Asciidocs rendering to block XSS. +- Fix XSS vulnerability in SVG attachments. +- Prevent the GitHub importer from assigning labels and comments to merge requests or issues belonging to other projects. +- Patch XSS vulnerability in RDOC support. + ## 8.16.4 (2017-02-02) - Support non-ASCII characters in GFM autocomplete. !8729 -- cgit v1.2.1 From acfc16a3f459ca6e2bffdaa2822af4418c9e87f0 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Tue, 14 Feb 2017 15:52:55 -0500 Subject: Update CHANGELOG.md for 8.16.5 [ci skip] --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1a2b2d3d4c6..04649cfbaeb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ entry. ## 8.16.5 (2017-02-14) +- No changes. - Patch Asciidocs rendering to block XSS. - Fix XSS vulnerability in SVG attachments. - Prevent the GitHub importer from assigning labels and comments to merge requests or issues belonging to other projects. -- cgit v1.2.1 From d06906e6245c4b6768fed30b793d30bb8fd581e0 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Tue, 14 Feb 2017 15:57:17 -0500 Subject: Update CHANGELOG.md for 8.16.5 [ci skip] --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 04649cfbaeb..a43afa03116 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ entry. ## 8.16.5 (2017-02-14) +- No changes. - No changes. - Patch Asciidocs rendering to block XSS. - Fix XSS vulnerability in SVG attachments. -- cgit v1.2.1 From 0733b142ac705a53de4f80e1b8c4929d30012905 Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Tue, 14 Feb 2017 16:35:50 -0500 Subject: Update CHANGELOG.md for 8.15.6 [ci skip] --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index a43afa03116..6f0492700c5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -183,6 +183,13 @@ entry. - Add margin to markdown math blocks. - Add hover state to MR comment reply button. +## 8.15.6 (2017-02-14) + +- Patch Asciidocs rendering to block XSS. +- Fix XSS vulnerability in SVG attachments. +- Prevent the GitHub importer from assigning labels and comments to merge requests or issues belonging to other projects. +- Patch XSS vulnerability in RDOC support. + ## 8.15.4 (2017-01-09) - Make successful pipeline emails off for watchers. !8176 -- cgit v1.2.1 From f3535bbff66d410983d39ec51f75d08683407fbf Mon Sep 17 00:00:00 2001 From: Robert Speicher Date: Tue, 14 Feb 2017 16:48:40 -0500 Subject: Update CHANGELOG.md for 8.14.9 [ci skip] --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6f0492700c5..e524062a2eb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -453,6 +453,13 @@ entry. - Whitelist next project names: help, ci, admin, search. !8227 - Adds back CSS for progress-bars. !8237 +## 8.14.9 (2017-02-14) + +- Patch Asciidocs rendering to block XSS. +- Fix XSS vulnerability in SVG attachments. +- Prevent the GitHub importer from assigning labels and comments to merge requests or issues belonging to other projects. +- Patch XSS vulnerability in RDOC support. + ## 8.14.8 (2017-01-25) - Accept environment variables from the `pre-receive` script. !7967 -- cgit v1.2.1