summaryrefslogtreecommitdiff
path: root/CHANGELOG.md
diff options
context:
space:
mode:
authorHaelwenn <contact+git.pleroma.social@hacktivis.me>2023-09-03 12:12:44 +0000
committerHaelwenn <contact+git.pleroma.social@hacktivis.me>2023-09-03 12:12:44 +0000
commitf966abe4fbacf8fa91cf2b533f8abfb57d62f8b7 (patch)
tree14c3999daac4222947c3e707ccfbaf34da5ec122 /CHANGELOG.md
parent1f4be2b3495b6df03843f923a53aff5913e1ef0d (diff)
parent385492577d11e9667064d7f7e0dacdc00457064a (diff)
downloadpleroma-f966abe4fbacf8fa91cf2b533f8abfb57d62f8b7.tar.gz
pleroma-f966abe4fbacf8fa91cf2b533f8abfb57d62f8b7.zip
Merge branch 'release/2.5.5' into 'stable'
Release 2.5.5 See merge request pleroma/pleroma!3949
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r--CHANGELOG.md7
1 files changed, 6 insertions, 1 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9d9aadc6e..32ec440de 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,7 +14,12 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
### Removed
-## 2.5.54
+## 2.5.5
+
+## Security
+- Prevent users from accessing media of other users by creating a status with reused attachment ID
+
+## 2.5.4
## Security
- Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-24 18:37:18 +0000