Skip to content

Fedify 0.10.1
Compare
Choose a tag to compare
@github-actions github-actions released this 05 Jul 02:30
· 413 commits to main since this release
0.10.1
This tag was signed with the committer’s verified signature.
dahlia Hong Minhee (洪 民憙)
GPG key ID: C429ECD57EED6CCA
Learn about vigilant mode.
7163c25
This commit was signed with the committer’s verified signature.
dahlia Hong Minhee (洪 民憙)
GPG key ID: C429ECD57EED6CCA
Learn about vigilant mode.

Released on July 5, 2024.

  • Fixed a SSRF vulnerability in the built-in document loader. [CVE-2024-39687]

    • The fetchDocumentLoader() function now throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address.
    • The getAuthenticatedDocumentLoader() function now returns a document loader that throws an error when the given URL is not an HTTP or HTTPS URL or refers to a private network address.
Assets 8
Loading
0 Join discussion