Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
05cd30f6
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
05cd30f6
编写于
5月 27, 2020
作者:
G
GitLab Release Tools Bot
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Update CHANGELOG.md for 13.0.1
[ci skip]
上级
171d7a36
变更
13
隐藏空白更改
内联
并排
Showing
13 changed file
with
18 addition
and
60 deletion
+18
-60
CHANGELOG.md
CHANGELOG.md
+18
-0
changelogs/unreleased/216528-confidential-issue.yml
changelogs/unreleased/216528-confidential-issue.yml
+0
-5
changelogs/unreleased/security-132-remove-eks-details-from-admin-form.yml
...eased/security-132-remove-eks-details-from-admin-form.yml
+0
-5
changelogs/unreleased/security-208449-fix-deploy-key-can-push.yml
...gs/unreleased/security-208449-fix-deploy-key-can-push.yml
+0
-5
changelogs/unreleased/security-25994-unverified-email-mitigation.yml
...unreleased/security-25994-unverified-email-mitigation.yml
+0
-5
changelogs/unreleased/security-dblessing-oauth-email-verification.yml
...nreleased/security-dblessing-oauth-email-verification.yml
+0
-5
changelogs/unreleased/security-do-not-expose-kubernetes-token.yml
...gs/unreleased/security-do-not-expose-kubernetes-token.yml
+0
-5
changelogs/unreleased/security-fix-email-confirmation-bug.yml
...gelogs/unreleased/security-fix-email-confirmation-bug.yml
+0
-5
changelogs/unreleased/security-fix-mermaid-issue.yml
changelogs/unreleased/security-fix-mermaid-issue.yml
+0
-5
changelogs/unreleased/security-forked-from.yml
changelogs/unreleased/security-forked-from.yml
+0
-5
changelogs/unreleased/security-gb-fix-workhorse-zip-metadata-resources.yml
...ased/security-gb-fix-workhorse-zip-metadata-resources.yml
+0
-5
changelogs/unreleased/security-group-import-file-enuming.yml
changelogs/unreleased/security-group-import-file-enuming.yml
+0
-5
changelogs/unreleased/security-jivanvl-prevent-xss-duplicate-dashboard-modal.yml
...ecurity-jivanvl-prevent-xss-duplicate-dashboard-modal.yml
+0
-5
未找到文件。
CHANGELOG.md
浏览文件 @
05cd30f6
...
...
@@ -2,6 +2,24 @@
documentation](doc/development/changelog.md) for instructions on adding your own
entry.
## 13.0.1 (2020-05-27)
### Security (12 changes)
- Add an extra validation to Static Site Editor payload.
- Hide EKS secret key in admin integrations settings.
- Added data integrity check before updating a deploy key.
- Display only verified emails on notifications and profile page.
- Require confirmed email address for GitLab OAuth authentication.
- Kubernetes cluster details page no longer exposes Service Token.
- Fix confirming unverified emails with soft email confirmation flow enabled.
- Disallow user to control PUT request using mermaid markdown in issue description.
- Check forked project permissions before allowing fork.
- Limit memory footprint of a command that generates ZIP artifacts metadata.
- Fix file enuming using Group Import.
- Prevent XSS in the monitoring dashboard.
## 13.0.0 (2020-05-22)
### Removed (20 changes, 5 of them are from the community)
...
...
changelogs/unreleased/216528-confidential-issue.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Add an extra validation to Static Site Editor payload
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-132-remove-eks-details-from-admin-form.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Hide EKS secret key in admin integrations settings
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-208449-fix-deploy-key-can-push.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Added data integrity check before updating a deploy key.
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-25994-unverified-email-mitigation.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Display only verified emails on notifications and profile page
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-dblessing-oauth-email-verification.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Require confirmed email address for GitLab OAuth authentication
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-do-not-expose-kubernetes-token.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Kubernetes cluster details page no longer exposes Service Token
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-fix-email-confirmation-bug.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Fix confirming unverified emails with soft email confirmation flow enabled
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-fix-mermaid-issue.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Disallow user to control PUT request using mermaid markdown in issue description
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-forked-from.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Check forked project permissions before allowing fork
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-gb-fix-workhorse-zip-metadata-resources.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Limit memory footprint of a command that generates ZIP artifacts metadata
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-group-import-file-enuming.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Fix file enuming using Group Import
merge_request
:
author
:
type
:
security
changelogs/unreleased/security-jivanvl-prevent-xss-duplicate-dashboard-modal.yml
已删除
100644 → 0
浏览文件 @
171d7a36
---
title
:
Prevent XSS in the monitoring dashboard
merge_request
:
author
:
type
:
security
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录