Mergeback release 2.5.4
This commit is contained in:
parent
6d48b0f1a9
commit
4099ddb3dc
@ -18,6 +18,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
### Removed
|
||||
- BREAKING: Support for passwords generated with `crypt(3)` (Gnu Social migration artifact)
|
||||
|
||||
## 2.5.4
|
||||
|
||||
## Security
|
||||
- Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem
|
||||
|
||||
## 2.5.3
|
||||
|
||||
### Security
|
||||
|
@ -1 +1 @@
|
||||
Restrict XML parser from processing external entitites (XXE)
|
||||
Fix XML External Entity (XXE) loading vulnerability allowing to fetch arbitary files from the server's filesystem
|
||||
|
Loading…
Reference in New Issue
Block a user