CHANGELOG.md: add 2.0.7 entry

This commit is contained in:
rinpatch 2020-06-12 21:09:40 +03:00
parent 9046f85ced
commit ffd12d3a1e
1 changed files with 14 additions and 0 deletions

View File

@ -3,6 +3,20 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## [2.0.7] - 2020-06-13
### Security
- Fix potential DoSes exploiting atom leaks in rich media parser/`UserAllowListPolicy` MRF policy
### Fixed
- CSP: not allowing images/media from every host when mediaproxy is disabled
- CSP: not adding mediaproxy base url to image/media hosts
- StaticFE missing the CSS file
### Upgrade notes
1. Restart Pleroma
## [2.0.6] - 2020-06-09 ## [2.0.6] - 2020-06-09
### Security ### Security