| ... | @@ -2,6 +2,21 @@ |
... | @@ -2,6 +2,21 @@ |
|
|
documentation](doc/development/changelog.md) for instructions on adding your own
|
|
documentation](doc/development/changelog.md) for instructions on adding your own
|
|
|
entry.
|
|
entry.
|
|
|
|
|
|
|
|
|
## 12.3.7
|
|
|
|
|
|
|
|
### Security (9 changes)
|
|
|
|
|
|
|
|
- Check permissions before showing a forked project's source.
|
|
|
|
- Encrypt application setting tokens.
|
|
|
|
- Update Workhorse and Gitaly to fix a security issue.
|
|
|
|
- Hide commit counts from guest users in Cycle Analytics.
|
|
|
|
- Limit potential for DNS rebind SSRF in chat notifications.
|
|
|
|
- Fix 500 error caused by invalid byte sequences in links.
|
|
|
|
- Ensure are cleaned by ImportExport::AttributeCleaner.
|
|
|
|
- Remove notes regarding Related Branches from Issue activity feeds for guest users.
|
|
|
|
- Escape namespace in label references to prevent XSS.
|
|
|
|
|
|
|
|
|
|
|
## 12.3.6
|
|
## 12.3.6
|
|
|
|
|
|
|
|
### Security (15 changes)
|
|
### Security (15 changes)
|
| ... | |
... | |
| ... | | ... | |