Merge branch 'disable-xml-entities-completely' into 'develop'

Completely disable xml entity resolution See merge request pleroma/pleroma!3932
author: Haelwenn <contact+git.pleroma.social@hacktivis.me> 2023-08-06 08:27:27 +0000
committer: Haelwenn <contact+git.pleroma.social@hacktivis.me> 2023-08-06 08:27:27 +0000
commit: 4e355b8595a5c4ff7aaaa4c0755b3dc7a37c6b6c (patch)
tree: 623433efceefe6deead177525714b216f1610829 /changelog.d/disable-xml-entity-resolution.security
parent: 17c336de66b757ef90e9e229d086c7b83fb1573e (diff)
parent: 48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2 (diff)
download: pleroma-4e355b8595a5c4ff7aaaa4c0755b3dc7a37c6b6c.tar.gz
pleroma-4e355b8595a5c4ff7aaaa4c0755b3dc7a37c6b6c.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/changelog.d/disable-xml-entity-resolution.security b/changelog.d/disable-xml-entity-resolution.security
new file mode 100644
index 000000000..db8e12f67
--- /dev/null
+++ b/changelog.d/disable-xml-entity-resolution.security
@@ -0,0 +1 @@
+Disable XML entity resolution completely to fix a dos vulnerability
author	Haelwenn <contact+git.pleroma.social@hacktivis.me>	2023-08-06 08:27:27 +0000
committer	Haelwenn <contact+git.pleroma.social@hacktivis.me>	2023-08-06 08:27:27 +0000
commit	4e355b8595a5c4ff7aaaa4c0755b3dc7a37c6b6c (patch)
tree	623433efceefe6deead177525714b216f1610829 /changelog.d/disable-xml-entity-resolution.security
parent	17c336de66b757ef90e9e229d086c7b83fb1573e (diff)
parent	48b1e9bdc7382ec6ef33e95f2bd8674ae92f17b2 (diff)
download	pleroma-4e355b8595a5c4ff7aaaa4c0755b3dc7a37c6b6c.tar.gz pleroma-4e355b8595a5c4ff7aaaa4c0755b3dc7a37c6b6c.zip