Skip to content

G
gitlab-ce
Commit 86f56441 authored by Robert Speicher's avatar Robert Speicher
Browse files
Options

Update CHANGELOG for 8.6.8 

[ci skip]
parent 13a4f9fc
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 5 deletions
CHANGELOG
View file @ 86f56441
Please view this file on the master branch, on stable branches it's out of date.
v 8.6.8
- Fix a window.opener bug that could lead to XSS and open redirects
- Prevent privilege escalation via "impersonate" feature
- Prevent privilege escalation via notes API
- Prevent privilege escalation via project webhook API
- Prevent XSS via Git branch and tag names
- Prevent XSS via custom issue tracker URL
- Fix vulnerability that leaks private labels and milestones
- Prevent XSS with in label dropdown
- Prevent privilege escalation via "impersonate" feature
- Prevent users from deleting Webhooks via API they do not own
- Prevent XSS via `window.opener`
- Prevent XSS via label drop-down
- Prevent information disclosure via milestone API
- Prevent information disclosure via snippet API
- Prevent information disclosure via project labels
- Prevent information disclosure via new merge request page
v 8.6.7
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7