From 4099ddb3dc5840fa10cff743d87464acf7898a80 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sat, 5 Aug 2023 08:27:42 +0200 Subject: Mergeback release 2.5.4 --- changelog.d/akkoma-xml-remote-entities.security | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'changelog.d/akkoma-xml-remote-entities.security') diff --git a/changelog.d/akkoma-xml-remote-entities.security b/changelog.d/akkoma-xml-remote-entities.security index b3c86bee1..5e6725e5b 100644 --- a/changelog.d/akkoma-xml-remote-entities.security +++ b/changelog.d/akkoma-xml-remote-entities.security @@ -1 +1 @@ -Restrict XML parser from processing external entitites (XXE) +Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem -- cgit v1.2.3