Skip to content

G
gitlab-ce
Commit dcca143e authored by GitLab Release Tools Bot's avatar GitLab Release Tools Bot
Browse files
Options

Update CHANGELOG.md for 12.0.3 

[ci skip]
parent bb771fae
Show whitespace changes
Inline Side-by-side
Showing with 16 additions and 0 deletions
CHANGELOG.md
View file @ dcca143e
...@@ -2,6 +2,22 @@ ...@@ -2,6 +2,22 @@
documentation](doc/development/changelog.md) for instructions on adding your own documentation](doc/development/changelog.md) for instructions on adding your own
entry. entry.
## 12.0.3 (2019-06-27)
### Security (10 changes)
- Persist tmp snippet uploads at users.
- Gate MR head_pipeline behind read_pipeline ability.
- Fix DoS vulnerability in color validation regex.
- Expose merge requests count based on user access.
- Fix Denial of Service for comments when rendering issues/MR comments.
- Add missing authorizations in GraphQL.
- Disable Rails SQL query cache when applying service templates.
- Prevent Billion Laughs attack.
- Correctly check permissions when creating snippet notes.
- Prevent the detection of merge request templates by unauthorized users.
## 12.0.2 (2019-06-25) ## 12.0.2 (2019-06-25)
### Fixed (7 changes, 1 of them is from the community) ### Fixed (7 changes, 1 of them is from the community)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7