From cd20d15bb8d2f97f8dd0850993041f15865cdda9 Mon Sep 17 00:00:00 2001 From: HJ <30-hj@users.noreply.git.pleroma.social> Date: Fri, 28 Apr 2023 11:19:14 +0000 Subject: changelog --- changelog.d/3879.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/3879.fix (limited to 'changelog.d') diff --git a/changelog.d/3879.fix b/changelog.d/3879.fix new file mode 100644 index 000000000..7c58cc3c2 --- /dev/null +++ b/changelog.d/3879.fix @@ -0,0 +1 @@ +fix not being able to fetch flash file from remote instance \ No newline at end of file -- cgit v1.2.3 From 18a0c923d0da4c8fb6e33b383dabd1d06bb22968 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Thu, 3 Aug 2023 13:08:37 -0400 Subject: Resolve information disclosure vulnerability through emoji pack archive download endpoint The pack name has been sanitized so an attacker cannot upload a media file called pack.json with their own handcrafted list of emoji files as arbitrary files on the filesystem and then call the emoji pack archive download endpoint with a pack name crafted to the location of the media file they uploaded which tricks Pleroma into generating a zip file of the target files the attacker wants to download. The attack only works if the Pleroma instance does not have the AnonymizeFilename upload filter enabled, which is currently the default. Reported by: graf@poast.org --- changelog.d/emoji-pack-sanitization.security | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/emoji-pack-sanitization.security (limited to 'changelog.d') diff --git a/changelog.d/emoji-pack-sanitization.security b/changelog.d/emoji-pack-sanitization.security new file mode 100644 index 000000000..f3218abd4 --- /dev/null +++ b/changelog.d/emoji-pack-sanitization.security @@ -0,0 +1 @@ +Emoji pack loader sanitizes pack names -- cgit v1.2.3 From 22df32b3f5cfe9fe0a4a97ff799df72c091b676e Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Thu, 22 Jun 2023 01:00:25 +0200 Subject: changelog: Entry for config permissions restrictions Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3135 --- changelog.d/otp_perms.security | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/otp_perms.security (limited to 'changelog.d') diff --git a/changelog.d/otp_perms.security b/changelog.d/otp_perms.security new file mode 100644 index 000000000..a3da1c677 --- /dev/null +++ b/changelog.d/otp_perms.security @@ -0,0 +1 @@ +- Reduced permissions of config files and directories, distros requiring greater permissions like group-read need to pre-create the directories \ No newline at end of file -- cgit v1.2.3 From cc848b78dca51fcd7e785eb92a7a3a4d5d1c419e Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Fri, 4 Aug 2023 22:44:09 -0400 Subject: Document and test that XXE processing is disabled https://vuln.be/post/xxe-in-erlang-and-elixir/ --- changelog.d/akkoma-xml-remote-entities.security | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/akkoma-xml-remote-entities.security (limited to 'changelog.d') diff --git a/changelog.d/akkoma-xml-remote-entities.security b/changelog.d/akkoma-xml-remote-entities.security new file mode 100644 index 000000000..b3c86bee1 --- /dev/null +++ b/changelog.d/akkoma-xml-remote-entities.security @@ -0,0 +1 @@ +Restrict XML parser from processing external entitites (XXE) -- cgit v1.2.3 From b631180b38ac63029f08bef137b13231bcf57b59 Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Sat, 5 Aug 2023 08:27:42 +0200 Subject: Release 2.5.4 --- changelog.d/akkoma-xml-remote-entities.security | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'changelog.d') diff --git a/changelog.d/akkoma-xml-remote-entities.security b/changelog.d/akkoma-xml-remote-entities.security index b3c86bee1..5e6725e5b 100644 --- a/changelog.d/akkoma-xml-remote-entities.security +++ b/changelog.d/akkoma-xml-remote-entities.security @@ -1 +1 @@ -Restrict XML parser from processing external entitites (XXE) +Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem -- cgit v1.2.3 From 3c5ecca37718a1eba05be1f379b8f47362079c65 Mon Sep 17 00:00:00 2001 From: tusooa Date: Wed, 30 Aug 2023 20:37:45 -0400 Subject: Skip changelog --- changelog.d/lint.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/lint.skip (limited to 'changelog.d') diff --git a/changelog.d/lint.skip b/changelog.d/lint.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From 1afde067b12ad0062c1820091ea9b0a680819281 Mon Sep 17 00:00:00 2001 From: Mint Date: Sat, 2 Sep 2023 01:43:25 +0300 Subject: CommonAPI: Prevent users from accessing media of other users --- changelog.d/check-attachment-attribution.security | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/check-attachment-attribution.security (limited to 'changelog.d') diff --git a/changelog.d/check-attachment-attribution.security b/changelog.d/check-attachment-attribution.security new file mode 100644 index 000000000..e0e46525b --- /dev/null +++ b/changelog.d/check-attachment-attribution.security @@ -0,0 +1 @@ +CommonAPI: Prevent users from accessing media of other users by creating a status with reused attachment ID -- cgit v1.2.3 From 535a5ecad04c9c49105a77e7025fe9f4b4d23ba6 Mon Sep 17 00:00:00 2001 From: Mint Date: Sat, 2 Sep 2023 01:43:25 +0300 Subject: CommonAPI: Prevent users from accessing media of other users commit 1afde067b12ad0062c1820091ea9b0a680819281 upstream. --- changelog.d/check-attachment-attribution.security | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/check-attachment-attribution.security (limited to 'changelog.d') diff --git a/changelog.d/check-attachment-attribution.security b/changelog.d/check-attachment-attribution.security new file mode 100644 index 000000000..e0e46525b --- /dev/null +++ b/changelog.d/check-attachment-attribution.security @@ -0,0 +1 @@ +CommonAPI: Prevent users from accessing media of other users by creating a status with reused attachment ID -- cgit v1.2.3 From d244c9d2984d21887f50737597fc03d2d0dd1601 Mon Sep 17 00:00:00 2001 From: tusooa Date: Mon, 10 Jul 2023 18:28:13 -0400 Subject: Add changelog --- changelog.d/quote.add | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/quote.add (limited to 'changelog.d') diff --git a/changelog.d/quote.add b/changelog.d/quote.add new file mode 100644 index 000000000..1c368ae75 --- /dev/null +++ b/changelog.d/quote.add @@ -0,0 +1 @@ +Implement quotes -- cgit v1.2.3 From 3e7d2e29b369535a9a942a4090cde9a21892f8c1 Mon Sep 17 00:00:00 2001 From: tusooa Date: Sat, 1 Jul 2023 23:07:07 -0400 Subject: Add changelog --- changelog.d/unified-streaming.add | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/unified-streaming.add (limited to 'changelog.d') diff --git a/changelog.d/unified-streaming.add b/changelog.d/unified-streaming.add new file mode 100644 index 000000000..84821fcc8 --- /dev/null +++ b/changelog.d/unified-streaming.add @@ -0,0 +1 @@ +Add unified streaming endpoint -- cgit v1.2.3 From b748efe66a099b66300f2beda42f5639911bab4a Mon Sep 17 00:00:00 2001 From: tusooa Date: Sat, 29 Jul 2023 12:55:43 -0400 Subject: Fix mentioning punycode domains when using Markdown --- changelog.d/punycode-mention.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/punycode-mention.fix (limited to 'changelog.d') diff --git a/changelog.d/punycode-mention.fix b/changelog.d/punycode-mention.fix new file mode 100644 index 000000000..f013c2dac --- /dev/null +++ b/changelog.d/punycode-mention.fix @@ -0,0 +1 @@ +Fix mentioning punycode domains when using Markdown -- cgit v1.2.3 From a2a69709b51692be307940c79d0befdd3c9678bb Mon Sep 17 00:00:00 2001 From: tusooa Date: Tue, 24 Oct 2023 19:57:31 -0400 Subject: Bump version to 2.6.0 --- changelog.d/2023-06-deps-update.skip | 0 changelog.d/3126.fix | 1 - changelog.d/3739.skip | 0 changelog.d/3801.fix | 1 - changelog.d/3831.skip | 0 changelog.d/3848.add | 1 - changelog.d/3870.skip | 0 changelog.d/3872.remove | 1 - changelog.d/3873.fix | 1 - changelog.d/3874.remove | 1 - changelog.d/3876.skip | 0 changelog.d/3877.skip | 0 changelog.d/3878.skip | 0 changelog.d/3879.fix | 1 - changelog.d/3880.remove | 1 - changelog.d/3882.add | 1 - changelog.d/3883.fix | 1 - changelog.d/3884.fix | 1 - changelog.d/3885.fix | 1 - changelog.d/3888.fix | 1 - changelog.d/3891.fix | 1 - changelog.d/3893.skip | 0 changelog.d/3897.add | 1 - changelog.d/3899.skip | 0 changelog.d/3901.security | 1 - changelog.d/3902.skip | 0 changelog.d/3909.skip | 0 changelog.d/akkoma-xml-remote-entities.security | 1 - changelog.d/amd64-runner.skip | 0 changelog.d/attachment-type-check.fix | 1 - changelog.d/changelog-improve.skip | 0 changelog.d/check-attachment-attribution.security | 1 - changelog.d/delete-status-of-banned-user.fix | 1 - changelog.d/deprecate-scrobbles.remove | 1 - changelog.d/disable-xml-entity-resolution.security | 1 - changelog.d/distro-docs-elixir-1.11.skip | 0 changelog.d/dockerfile-config-perms.fix | 1 - changelog.d/emoji-pack-sanitization.security | 1 - changelog.d/emoji-policy.add | 1 - changelog.d/featured-collection-shouldnt-break-user-fetch.fix | 1 - changelog.d/fix-object-test.fix | 1 - changelog.d/gentoo_otp.skip | 0 changelog.d/gentoo_otp_hotfix.skip | 0 changelog.d/gentoo_otp_intro.skip | 0 changelog.d/handle-report-from-deactivated-user.fix | 1 - changelog.d/lint.skip | 0 changelog.d/media-altdomain.skip | 0 changelog.d/no_new_privs.add | 1 - changelog.d/otp_perms.security | 1 - changelog.d/pipeline-triggers.skip | 0 changelog.d/prevent-bypassing-authorized-fetch-mode.fix | 1 - changelog.d/punycode-mention.fix | 1 - changelog.d/quote.add | 1 - changelog.d/testfix-system-config-use.skip | 0 changelog.d/unified-streaming.add | 1 - changelog.d/update-credentials-limit-error.fix | 1 - 56 files changed, 35 deletions(-) delete mode 100644 changelog.d/2023-06-deps-update.skip delete mode 100644 changelog.d/3126.fix delete mode 100644 changelog.d/3739.skip delete mode 100644 changelog.d/3801.fix delete mode 100644 changelog.d/3831.skip delete mode 100644 changelog.d/3848.add delete mode 100644 changelog.d/3870.skip delete mode 100644 changelog.d/3872.remove delete mode 100644 changelog.d/3873.fix delete mode 100644 changelog.d/3874.remove delete mode 100644 changelog.d/3876.skip delete mode 100644 changelog.d/3877.skip delete mode 100644 changelog.d/3878.skip delete mode 100644 changelog.d/3879.fix delete mode 100644 changelog.d/3880.remove delete mode 100644 changelog.d/3882.add delete mode 100644 changelog.d/3883.fix delete mode 100644 changelog.d/3884.fix delete mode 100644 changelog.d/3885.fix delete mode 100644 changelog.d/3888.fix delete mode 100644 changelog.d/3891.fix delete mode 100644 changelog.d/3893.skip delete mode 100644 changelog.d/3897.add delete mode 100644 changelog.d/3899.skip delete mode 100644 changelog.d/3901.security delete mode 100644 changelog.d/3902.skip delete mode 100644 changelog.d/3909.skip delete mode 100644 changelog.d/akkoma-xml-remote-entities.security delete mode 100644 changelog.d/amd64-runner.skip delete mode 100644 changelog.d/attachment-type-check.fix delete mode 100644 changelog.d/changelog-improve.skip delete mode 100644 changelog.d/check-attachment-attribution.security delete mode 100644 changelog.d/delete-status-of-banned-user.fix delete mode 100644 changelog.d/deprecate-scrobbles.remove delete mode 100644 changelog.d/disable-xml-entity-resolution.security delete mode 100644 changelog.d/distro-docs-elixir-1.11.skip delete mode 100644 changelog.d/dockerfile-config-perms.fix delete mode 100644 changelog.d/emoji-pack-sanitization.security delete mode 100644 changelog.d/emoji-policy.add delete mode 100644 changelog.d/featured-collection-shouldnt-break-user-fetch.fix delete mode 100644 changelog.d/fix-object-test.fix delete mode 100644 changelog.d/gentoo_otp.skip delete mode 100644 changelog.d/gentoo_otp_hotfix.skip delete mode 100644 changelog.d/gentoo_otp_intro.skip delete mode 100644 changelog.d/handle-report-from-deactivated-user.fix delete mode 100644 changelog.d/lint.skip delete mode 100644 changelog.d/media-altdomain.skip delete mode 100644 changelog.d/no_new_privs.add delete mode 100644 changelog.d/otp_perms.security delete mode 100644 changelog.d/pipeline-triggers.skip delete mode 100644 changelog.d/prevent-bypassing-authorized-fetch-mode.fix delete mode 100644 changelog.d/punycode-mention.fix delete mode 100644 changelog.d/quote.add delete mode 100644 changelog.d/testfix-system-config-use.skip delete mode 100644 changelog.d/unified-streaming.add delete mode 100644 changelog.d/update-credentials-limit-error.fix (limited to 'changelog.d') diff --git a/changelog.d/2023-06-deps-update.skip b/changelog.d/2023-06-deps-update.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3126.fix b/changelog.d/3126.fix deleted file mode 100644 index 91d396c89..000000000 --- a/changelog.d/3126.fix +++ /dev/null @@ -1 +0,0 @@ -MediaProxy responses now return a sandbox CSP header diff --git a/changelog.d/3739.skip b/changelog.d/3739.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3801.fix b/changelog.d/3801.fix deleted file mode 100644 index 8c2ec0199..000000000 --- a/changelog.d/3801.fix +++ /dev/null @@ -1 +0,0 @@ -Filter context activities using Visibility.visible_for_user? diff --git a/changelog.d/3831.skip b/changelog.d/3831.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3848.add b/changelog.d/3848.add deleted file mode 100644 index d7b1b0a84..000000000 --- a/changelog.d/3848.add +++ /dev/null @@ -1 +0,0 @@ -Add OAuth scope descriptions diff --git a/changelog.d/3870.skip b/changelog.d/3870.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3872.remove b/changelog.d/3872.remove deleted file mode 100644 index 54cbb660e..000000000 --- a/changelog.d/3872.remove +++ /dev/null @@ -1 +0,0 @@ -remove BBS/SSH feature, replaced by an external bridge. \ No newline at end of file diff --git a/changelog.d/3873.fix b/changelog.d/3873.fix deleted file mode 100644 index 4699f7b58..000000000 --- a/changelog.d/3873.fix +++ /dev/null @@ -1 +0,0 @@ -UploadedMedia: Add missing disposition_type to Content-Disposition \ No newline at end of file diff --git a/changelog.d/3874.remove b/changelog.d/3874.remove deleted file mode 100644 index a81f744bf..000000000 --- a/changelog.d/3874.remove +++ /dev/null @@ -1 +0,0 @@ -Remove a few unused indexes. diff --git a/changelog.d/3876.skip b/changelog.d/3876.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3877.skip b/changelog.d/3877.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3878.skip b/changelog.d/3878.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3879.fix b/changelog.d/3879.fix deleted file mode 100644 index 7c58cc3c2..000000000 --- a/changelog.d/3879.fix +++ /dev/null @@ -1 +0,0 @@ -fix not being able to fetch flash file from remote instance \ No newline at end of file diff --git a/changelog.d/3880.remove b/changelog.d/3880.remove deleted file mode 100644 index 113c76c85..000000000 --- a/changelog.d/3880.remove +++ /dev/null @@ -1 +0,0 @@ -Cleanup OStatus-era user upgrades and ap_enabled indicator \ No newline at end of file diff --git a/changelog.d/3882.add b/changelog.d/3882.add deleted file mode 100644 index 4712de1dc..000000000 --- a/changelog.d/3882.add +++ /dev/null @@ -1 +0,0 @@ -Allow lang attribute in status text diff --git a/changelog.d/3883.fix b/changelog.d/3883.fix deleted file mode 100644 index 6824f2013..000000000 --- a/changelog.d/3883.fix +++ /dev/null @@ -1 +0,0 @@ -Fix abnormal behaviour when refetching a poll diff --git a/changelog.d/3884.fix b/changelog.d/3884.fix deleted file mode 100644 index f8dbb2bbf..000000000 --- a/changelog.d/3884.fix +++ /dev/null @@ -1 +0,0 @@ -Allow non-HTTP(s) URIs in "url" fields for compatibility with "FEP-fffd: Proxy Objects" \ No newline at end of file diff --git a/changelog.d/3885.fix b/changelog.d/3885.fix deleted file mode 100644 index c5fbb0ed4..000000000 --- a/changelog.d/3885.fix +++ /dev/null @@ -1 +0,0 @@ -Fix opengraph and twitter card meta tags diff --git a/changelog.d/3888.fix b/changelog.d/3888.fix deleted file mode 100644 index 886aa7b39..000000000 --- a/changelog.d/3888.fix +++ /dev/null @@ -1 +0,0 @@ -ForceMentionsInContent: fix double mentions for Mastodon/Misskey posts \ No newline at end of file diff --git a/changelog.d/3891.fix b/changelog.d/3891.fix deleted file mode 100644 index f1fb62d82..000000000 --- a/changelog.d/3891.fix +++ /dev/null @@ -1 +0,0 @@ -OEmbed HTML tags are now filtered diff --git a/changelog.d/3893.skip b/changelog.d/3893.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3897.add b/changelog.d/3897.add deleted file mode 100644 index 5c4402f45..000000000 --- a/changelog.d/3897.add +++ /dev/null @@ -1 +0,0 @@ -OnlyMedia Upload Filter diff --git a/changelog.d/3899.skip b/changelog.d/3899.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3901.security b/changelog.d/3901.security deleted file mode 100644 index a3d8bd01f..000000000 --- a/changelog.d/3901.security +++ /dev/null @@ -1 +0,0 @@ -Preload: Make generated JSON html-safe. It already was html safe because it only consists of config data that is base64 encoded, but this will keep it safe it that ever changes. diff --git a/changelog.d/3902.skip b/changelog.d/3902.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/3909.skip b/changelog.d/3909.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/akkoma-xml-remote-entities.security b/changelog.d/akkoma-xml-remote-entities.security deleted file mode 100644 index 5e6725e5b..000000000 --- a/changelog.d/akkoma-xml-remote-entities.security +++ /dev/null @@ -1 +0,0 @@ -Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem diff --git a/changelog.d/amd64-runner.skip b/changelog.d/amd64-runner.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/attachment-type-check.fix b/changelog.d/attachment-type-check.fix deleted file mode 100644 index 9e14b75f1..000000000 --- a/changelog.d/attachment-type-check.fix +++ /dev/null @@ -1 +0,0 @@ -Restrict attachments to only uploaded files only diff --git a/changelog.d/changelog-improve.skip b/changelog.d/changelog-improve.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/check-attachment-attribution.security b/changelog.d/check-attachment-attribution.security deleted file mode 100644 index e0e46525b..000000000 --- a/changelog.d/check-attachment-attribution.security +++ /dev/null @@ -1 +0,0 @@ -CommonAPI: Prevent users from accessing media of other users by creating a status with reused attachment ID diff --git a/changelog.d/delete-status-of-banned-user.fix b/changelog.d/delete-status-of-banned-user.fix deleted file mode 100644 index 1fa6a29d8..000000000 --- a/changelog.d/delete-status-of-banned-user.fix +++ /dev/null @@ -1 +0,0 @@ -Fix error 404 when deleting status of a banned user diff --git a/changelog.d/deprecate-scrobbles.remove b/changelog.d/deprecate-scrobbles.remove deleted file mode 100644 index c453a9784..000000000 --- a/changelog.d/deprecate-scrobbles.remove +++ /dev/null @@ -1 +0,0 @@ -Deprecate Pleroma's audio scrobbling diff --git a/changelog.d/disable-xml-entity-resolution.security b/changelog.d/disable-xml-entity-resolution.security deleted file mode 100644 index db8e12f67..000000000 --- a/changelog.d/disable-xml-entity-resolution.security +++ /dev/null @@ -1 +0,0 @@ -Disable XML entity resolution completely to fix a dos vulnerability diff --git a/changelog.d/distro-docs-elixir-1.11.skip b/changelog.d/distro-docs-elixir-1.11.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/dockerfile-config-perms.fix b/changelog.d/dockerfile-config-perms.fix deleted file mode 100644 index 49ea5becb..000000000 --- a/changelog.d/dockerfile-config-perms.fix +++ /dev/null @@ -1 +0,0 @@ -- Fix config ownership in dockerfile to pass restriction test diff --git a/changelog.d/emoji-pack-sanitization.security b/changelog.d/emoji-pack-sanitization.security deleted file mode 100644 index f3218abd4..000000000 --- a/changelog.d/emoji-pack-sanitization.security +++ /dev/null @@ -1 +0,0 @@ -Emoji pack loader sanitizes pack names diff --git a/changelog.d/emoji-policy.add b/changelog.d/emoji-policy.add deleted file mode 100644 index 45510c4f6..000000000 --- a/changelog.d/emoji-policy.add +++ /dev/null @@ -1 +0,0 @@ -Implement MRF policy to reject or delist according to emojis diff --git a/changelog.d/featured-collection-shouldnt-break-user-fetch.fix b/changelog.d/featured-collection-shouldnt-break-user-fetch.fix deleted file mode 100644 index e8ce288cc..000000000 --- a/changelog.d/featured-collection-shouldnt-break-user-fetch.fix +++ /dev/null @@ -1 +0,0 @@ -Fix user fetch completely broken if featured collection is not in a supported form diff --git a/changelog.d/fix-object-test.fix b/changelog.d/fix-object-test.fix deleted file mode 100644 index 5eea719f0..000000000 --- a/changelog.d/fix-object-test.fix +++ /dev/null @@ -1 +0,0 @@ -Correctly handle the situation when a poll has both "anyOf" and "oneOf" but one of them being empty diff --git a/changelog.d/gentoo_otp.skip b/changelog.d/gentoo_otp.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/gentoo_otp_hotfix.skip b/changelog.d/gentoo_otp_hotfix.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/gentoo_otp_intro.skip b/changelog.d/gentoo_otp_intro.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/handle-report-from-deactivated-user.fix b/changelog.d/handle-report-from-deactivated-user.fix deleted file mode 100644 index 6692d1aa8..000000000 --- a/changelog.d/handle-report-from-deactivated-user.fix +++ /dev/null @@ -1 +0,0 @@ -Fix handling report from a deactivated user diff --git a/changelog.d/lint.skip b/changelog.d/lint.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/media-altdomain.skip b/changelog.d/media-altdomain.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/no_new_privs.add b/changelog.d/no_new_privs.add deleted file mode 100644 index b67396a4b..000000000 --- a/changelog.d/no_new_privs.add +++ /dev/null @@ -1 +0,0 @@ -(hardening) Add no_new_privs=yes to OpenRC service files diff --git a/changelog.d/otp_perms.security b/changelog.d/otp_perms.security deleted file mode 100644 index a3da1c677..000000000 --- a/changelog.d/otp_perms.security +++ /dev/null @@ -1 +0,0 @@ -- Reduced permissions of config files and directories, distros requiring greater permissions like group-read need to pre-create the directories \ No newline at end of file diff --git a/changelog.d/pipeline-triggers.skip b/changelog.d/pipeline-triggers.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/prevent-bypassing-authorized-fetch-mode.fix b/changelog.d/prevent-bypassing-authorized-fetch-mode.fix deleted file mode 100644 index 12f7260d7..000000000 --- a/changelog.d/prevent-bypassing-authorized-fetch-mode.fix +++ /dev/null @@ -1 +0,0 @@ -Prevent using the .json format to bypass authorized fetch mode \ No newline at end of file diff --git a/changelog.d/punycode-mention.fix b/changelog.d/punycode-mention.fix deleted file mode 100644 index f013c2dac..000000000 --- a/changelog.d/punycode-mention.fix +++ /dev/null @@ -1 +0,0 @@ -Fix mentioning punycode domains when using Markdown diff --git a/changelog.d/quote.add b/changelog.d/quote.add deleted file mode 100644 index 1c368ae75..000000000 --- a/changelog.d/quote.add +++ /dev/null @@ -1 +0,0 @@ -Implement quotes diff --git a/changelog.d/testfix-system-config-use.skip b/changelog.d/testfix-system-config-use.skip deleted file mode 100644 index e69de29bb..000000000 diff --git a/changelog.d/unified-streaming.add b/changelog.d/unified-streaming.add deleted file mode 100644 index 84821fcc8..000000000 --- a/changelog.d/unified-streaming.add +++ /dev/null @@ -1 +0,0 @@ -Add unified streaming endpoint diff --git a/changelog.d/update-credentials-limit-error.fix b/changelog.d/update-credentials-limit-error.fix deleted file mode 100644 index 7682f958e..000000000 --- a/changelog.d/update-credentials-limit-error.fix +++ /dev/null @@ -1 +0,0 @@ -Show more informative errors when profile exceeds char limits -- cgit v1.2.3 From aaf53d9d77a51b388f419c1b5aaaa8d133add05c Mon Sep 17 00:00:00 2001 From: tusooa Date: Tue, 31 Oct 2023 20:47:04 -0400 Subject: Bump package version for mergeback --- changelog.d/2.6.0-mergeback.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/2.6.0-mergeback.skip (limited to 'changelog.d') diff --git a/changelog.d/2.6.0-mergeback.skip b/changelog.d/2.6.0-mergeback.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From bf426c53b4e1c025d7857adf485976421175cdf6 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 7 Nov 2023 15:11:14 -0500 Subject: Fix digest email processing, consolidate Oban queues The email related jobs can all share a single Oban queue --- changelog.d/digest_emails.fix | 1 + 1 file changed, 1 insertion(+) create mode 100644 changelog.d/digest_emails.fix (limited to 'changelog.d') diff --git a/changelog.d/digest_emails.fix b/changelog.d/digest_emails.fix new file mode 100644 index 000000000..335a24464 --- /dev/null +++ b/changelog.d/digest_emails.fix @@ -0,0 +1 @@ +Fix the processing of email digest jobs. -- cgit v1.2.3 From 76c070fe8641f5519ca42dfcecdab3f47d882e8f Mon Sep 17 00:00:00 2001 From: "Haelwenn (lanodan) Monnier" Date: Wed, 8 Nov 2023 00:28:26 +0100 Subject: ObjectValidators.BareUriTest: Replace calls of SafeText to BareUri --- changelog.d/bare_uri_test.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/bare_uri_test.skip (limited to 'changelog.d') diff --git a/changelog.d/bare_uri_test.skip b/changelog.d/bare_uri_test.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3 From e23672d82f0a6e61bf4ada65cfca6cfbc647710d Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 8 Nov 2023 12:21:34 -0500 Subject: Ensure benchee doesn't run unless we are executing benchmarks --- changelog.d/benchee.skip | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 changelog.d/benchee.skip (limited to 'changelog.d') diff --git a/changelog.d/benchee.skip b/changelog.d/benchee.skip new file mode 100644 index 000000000..e69de29bb -- cgit v1.2.3