Release 2.5.4

author: Haelwenn (lanodan) Monnier <contact@hacktivis.me> 2023-08-05 08:27:42 +0200
committer: Haelwenn (lanodan) Monnier <contact@hacktivis.me> 2023-08-05 08:27:42 +0200
commit: b631180b38ac63029f08bef137b13231bcf57b59 (patch)
tree: 55a72082c7776290cdbbbd16fbf043f9c6fc4bb5 /changelog.d/akkoma-xml-remote-entities.security
parent: cc848b78dca51fcd7e785eb92a7a3a4d5d1c419e (diff)
download: pleroma-b631180b38ac63029f08bef137b13231bcf57b59.tar.gz
pleroma-b631180b38ac63029f08bef137b13231bcf57b59.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/changelog.d/akkoma-xml-remote-entities.security b/changelog.d/akkoma-xml-remote-entities.security
index b3c86bee1..5e6725e5b 100644
--- a/changelog.d/akkoma-xml-remote-entities.security
+++ b/changelog.d/akkoma-xml-remote-entities.security
@@ -1 +1 @@
-Restrict XML parser from processing external entitites (XXE)
+Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem
author	Haelwenn (lanodan) Monnier <contact@hacktivis.me>	2023-08-05 08:27:42 +0200
committer	Haelwenn (lanodan) Monnier <contact@hacktivis.me>	2023-08-05 08:27:42 +0200
commit	b631180b38ac63029f08bef137b13231bcf57b59 (patch)
tree	55a72082c7776290cdbbbd16fbf043f9c6fc4bb5 /changelog.d/akkoma-xml-remote-entities.security
parent	cc848b78dca51fcd7e785eb92a7a3a4d5d1c419e (diff)
download	pleroma-b631180b38ac63029f08bef137b13231bcf57b59.tar.gz pleroma-b631180b38ac63029f08bef137b13231bcf57b59.zip