From b03663027ebc0bd6a3406f34f500e8fa62373c91 Mon Sep 17 00:00:00 2001
From: Eopayemi <157506568+Eopayemi@users.noreply.github.com>
Date: Fri, 25 Oct 2024 16:19:51 +0100
Subject: [PATCH] Update 5.6.0 (#5669)

update

(cherry picked from commit b6949e1098dfbbb3d5fbe5ebc63e4b08aeca387e)
---
 .../release-notes/version-5.6.md              | 35 -------------------
 1 file changed, 35 deletions(-)

diff --git a/tyk-docs/content/product-stack/tyk-dashboard/release-notes/version-5.6.md b/tyk-docs/content/product-stack/tyk-dashboard/release-notes/version-5.6.md
index aac4199317..75555833ec 100644
--- a/tyk-docs/content/product-stack/tyk-dashboard/release-notes/version-5.6.md
+++ b/tyk-docs/content/product-stack/tyk-dashboard/release-notes/version-5.6.md
@@ -275,41 +275,6 @@ We have fixed an issue in the Monitoring section of the Dashboard UI where the *
 
 </ul>
 
-#### Security Fixes
-<!-- This section should be a bullet point list that should be included when any security fixes have been made in the release, e.g. CVEs. For CVE fixes, consideration needs to be made as follows:
-1. Dependency-tracked CVEs - External-tracked CVEs should be included on the release note.
-2. Internal scanned CVEs - Refer to the relevant engineering and delivery policy.
-For agreed CVE security fixes, provide a link to the corresponding entry on the NIST website. For example:
-- Fixed the following CVEs:
-    - [CVE-2022-33082](https://nvd.nist.gov/vuln/detail/CVE-2022-33082)
--->
-<ul>
-<li>
-<details>
-<summary>Strengthened RBAC password reset permissions</summary>
-
-We have fixed a privilege escalation vulnerability where a user with certain permissions could potentially reset other users' passwords, including admin accounts. The following changes have been made to tighten the behavior of the password reset permission:
-- All users can reset their own passwords
-- A specific permission is required to reset the password of another user within the same Tyk organization
-- This permission can only be assigned by an admin or super-admin
-- This permission can only be assigned to an admin and cannot be assigned to a user group
-- The allow_admin_reset_password configuration option automatically grants this permission to all admin users
-- Super-admins always have the password reset permission across all Tyk organization
-
-</details>
-</li>
-
-<li>
-<details>
-<summary>Gateway secret could be exposed in debug logs</summary>
-
-Resolved an issue where the Gateway secret was inadvertently included in the log generated by the Dashboard for a call to the `/api/keys` endpoint when in debug mode. This issue has been fixed to prevent sensitive information from appearing in system logs. We do not recommend running production environments in debug mode.
-
-</details>
-</li>
-
-
-</ul>
 <!-- Required. use 3 hyphens --- between release notes of every patch (minors will be on a separate page) -->
 
 ---