commit: cdfd02e90455fe7c01026efb48af3194cc82252b
parent: 6c06529cd4549fca3ba4b1de72838240463f8306
Author: kaniini <ariadne@dereferenced.org>
Date: Wed, 31 Jul 2019 20:08:27 +0000
Merge branch 'chore/changelog-update' into 'develop'
Add a changelog entry for disallowing locked accounts follows over OStatus
See merge request pleroma/pleroma!1513
Diffstat:
1 file changed, 1 insertion(+), 0 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
## [Unreleased]
### Security
- OStatus: eliminate the possibility of a protocol downgrade attack.
+- OStatus: prevent following locked accounts, bypassing the approval process.
### Changed
- **Breaking:** Configuration: A setting to explicitly disable the mailer was added, defaulting to true, if you are using a mailer add `config :pleroma, Pleroma.Emails.Mailer, enabled: true` to your config