Update changelog for v1.3.1 (#7142)

* Update changelog for v1.3.1 * Include fix for user with permission to write actions can impersonate another user when auth token is configured in environment variable
treeverse · Dec 10, 2023 · 9c00264 · 9c00264
1 parent d016462
commit 9c00264
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,18 @@
 # Changelog
 
+# v1.3.1
+
+:bug: Bugs fixed:
+
+- Fix: User with permission to write actions can impersonate another user when auth token is configured in environment variable
+  ([GHSA-26hr-q2wp-rvc5](https://github.com/treeverse/lakeFS/security/advisories/GHSA-26hr-q2wp-rvc5))
+- Fix: S3 Gateway block unsupported S3 operations (#7028)
+- Fix: Better error handling on hook error (#7081)
+- Fix: Upload object without specify content type (#7130)
+- Fix: UI notebook preview fix colors (#7141)
+- Fix: Match blockstore reader hash function (#7099) (thanks @hunjixin)
+- UI improve load by cache and split of embedded content (#7132,#7135)
+
 # v1.3.0
 
 :new: What's new: