about summary refs log tree commit diff
path: root/CHANGELOG.md
diff options
context:
space:
mode:
authorStarfall <us@starfall.systems>2022-02-03 07:12:41 -0600
committerStarfall <us@starfall.systems>2022-02-03 07:12:41 -0600
commit2daee3d28bba6da5dbaf277eca350cc94e5ade13 (patch)
treea95d76986390b720e34555ea6d27dee5f68d8486 /CHANGELOG.md
parent71022b8a93167706e658dbc21d7ab15e71566b37 (diff)
parent73b730e649555c9b0d2419130c5496e715fd3387 (diff)
2021-02-03 security fixes
Merge remote-tracking branch 'glitch/main'
Diffstat (limited to 'CHANGELOG.md')
-rw-r--r--CHANGELOG.md12
1 files changed, 12 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9deff5a0d..c2eff7fa3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,18 @@ Changelog
 
 All notable changes to this project will be documented in this file.
 
+## [3.4.6] - 2022-02-03
+### Fixed
+- Fix `mastodon:webpush:generate_vapid_key` task requiring a functional environment ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17338))
+- Fix spurious errors when receiving an Add activity for a private post ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17425))
+
+### Security
+- Fix error-prone SQL queries ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/15828))
+- Fix not compacting incoming signed JSON-LD activities ([puckipedia](https://github.com/mastodon/mastodon/pull/17426), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/17428)) (CVE-2022-24307)
+- Fix insufficient sanitization of report comments ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17430))
+- Fix stop condition of a Common Table Expression ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17427))
+- Disable legacy XSS filtering ([Wonderfall](https://github.com/mastodon/mastodon/pull/17289))
+
 ## [3.4.5] - 2022-01-31
 ### Added
 - Add more advanced migration tests ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/17393))
generated by cgit-pink (git 2.37.1) at 2024-07-22 07:48:54 +0000