Add release notes for Gerrit v3.2.7
Change-Id: Ie4834807987c6ddbfa85ff6c3a8e4119febdb554
diff --git a/pages/site/releases/3.2.md b/pages/site/releases/3.2.md
index 568884e..5c9ee86 100644
--- a/pages/site/releases/3.2.md
+++ b/pages/site/releases/3.2.md
@@ -6,7 +6,8 @@
toc: true
---
-Download: **[3.2.6](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.6.war)**
+Download: **[3.2.7](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.7.war)**
+| [3.2.6](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.6.war)
| [3.2.5.1](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.5.1.war)
| [3.2.5](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.5.war)
| [3.2.3](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.3.war)
@@ -14,7 +15,8 @@
| [3.2.1](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.1.war)
| [3.2.0](https://gerrit-releases.storage.googleapis.com/gerrit-3.2.0.war)
-Documentation: **[3.2.6](https://gerrit-documentation.storage.googleapis.com/Documentation/3.2.6/index.html)**
+Documentation: **[3.2.7](https://gerrit-documentation.storage.googleapis.com/Documentation/3.2.7/index.html)**
+| [3.2.6](https://gerrit-documentation.storage.googleapis.com/Documentation/3.2.6/index.html)
| [3.2.5.1](https://gerrit-documentation.storage.googleapis.com/Documentation/3.2.5.1/index.html)
| [3.2.5](https://gerrit-documentation.storage.googleapis.com/Documentation/3.2.5/index.html)
| [3.2.3](https://gerrit-documentation.storage.googleapis.com/Documentation/3.2.3/index.html)
@@ -600,6 +602,65 @@
## Bugfix Releases
+### 3.2.7
+
+* New Features
+
+ * Add change query option allowing administrators to skip visibility filtering.
+
+ Add a new REST-API change query option "skip-visibility" to allow administrators
+ to skip visibility filtering.
+
+* Security Fixes
+
+ * [Issue 13858](https://bugs.chromium.org/p/gerrit/issues/detail?id=13858)
+ [CVE-2021-22553](https://nvd.nist.gov/vuln/detail/CVE-2021-22553):
+ Fixed memory leak in Git-over-HTTP requests.
+
+ Unauthenticated users could exploit this problem in a Denial of Service attack,
+ causing the server to go out-of-memory.
+
+* PolyGerrit Fixes
+
+ * [Issue 11811](https://bugs.chromium.org/p/gerrit/issues/detail?id=11811):
+ Fix comments on partial text selection on Safari.
+
+ * [Issue 13870](https://bugs.chromium.org/p/gerrit/issues/detail?id=13870):
+ Polygerrit: Remove license headers in minified gr-app.js.
+
+* Replication plugin fixes
+
+ * Don't check read permission when authgroup isn't set.
+
+ Do not check for read permission when authGroup is not set since
+ the user is a RemoteSiteUser that is-an InternalUser having
+ read access to everything. This fixes a regression introduced in v3.1.10
+ that prevented the All-Users.git repository to be fully replicated to
+ Gerrit replicas.
+
+* Bug Fixes
+
+ * [Issue 13803](https://bugs.chromium.org/p/gerrit/issues/detail?id=13803):
+ Limit number of ambiguous accounts in error message.
+
+ Don't list more than 3 ambiguous accounts in error message of
+ UnresolvableAccountException in order to prevent flooding the log and
+ displaying a lot of sensitive account data in an error dialog.
+
+ * [Issue 13936](https://bugs.chromium.org/p/gerrit/issues/detail?id=13936):
+ Fix badly formatted error message shown in error dialog.
+
+ * [Issue 13884](https://bugs.chromium.org/p/gerrit/issues/detail?id=13884):
+ Fix 'is:submittable' query on multiple submit records.
+
+* Dependency Updates
+
+ * Update highlight.js to 10.5.0.
+
+ * Update Jetty to 9.4.35.v20201120.
+
+ * Downgrade soy-template to 2019-10-08.
+
### 3.2.6
* Breaking Changes
