summaryrefslogtreecommitdiff
path: root/changelog.d/akkoma-xml-remote-entities.security
diff options
context:
space:
mode:
authorHaelwenn <contact+git.pleroma.social@hacktivis.me>2023-08-05 08:13:03 +0000
committerHaelwenn <contact+git.pleroma.social@hacktivis.me>2023-08-05 08:13:03 +0000
commitd0f7a5c4f53f631703cc108b95c52a934c122873 (patch)
tree08a1a83efc47a77f2e44b16258e91b7a2b557b39 /changelog.d/akkoma-xml-remote-entities.security
parent1062185ba03ffa03f0dfcfc11f948285b2ffd610 (diff)
parent4099ddb3dc5840fa10cff743d87464acf7898a80 (diff)
downloadpleroma-d0f7a5c4f53f631703cc108b95c52a934c122873.tar.gz
pleroma-d0f7a5c4f53f631703cc108b95c52a934c122873.zip
Merge branch 'mergeback/2.5.4' into 'develop'
Mergeback: 2.5.4 See merge request pleroma/pleroma!3930
Diffstat (limited to 'changelog.d/akkoma-xml-remote-entities.security')
-rw-r--r--changelog.d/akkoma-xml-remote-entities.security1
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/akkoma-xml-remote-entities.security b/changelog.d/akkoma-xml-remote-entities.security
new file mode 100644
index 000000000..5e6725e5b
--- /dev/null
+++ b/changelog.d/akkoma-xml-remote-entities.security
@@ -0,0 +1 @@
+Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-07 16:38:19 +0000