diff options
| author | Claire <claire.github-309c@sitedethib.com> | 2024-07-04 16:46:39 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-04 16:46:39 +0200 |
| commit | ff90ebffaa80bb48d12a838d9a4f82fa7edb602b (patch) | |
| tree | 0a490f884c6bf62a25fd4359d527021c6af748bb | |
| parent | a1c7aae28aecf06659c5b18cfa131b37cd1512a3 (diff) | |
Bump version to v4.1.18 (#30911)v4.1.18stable-4.1
| -rw-r--r-- | CHANGELOG.md | 22 | ||||
| -rw-r--r-- | docker-compose.yml | 6 | ||||
| -rw-r--r-- | lib/mastodon/version.rb | 2 |
3 files changed, 26 insertions, 4 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index b0254d4676b..7306bcd8ee9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,6 +3,28 @@ Changelog All notable changes to this project will be documented in this file. +## [4.1.18] - 2024-07-04 + +### Security + +- Fix incorrect permission checking on multiple API endpoints ([GHSA-58x8-3qxw-6hm7](https://github.com/mastodon/mastodon/security/advisories/GHSA-58x8-3qxw-6hm7)) +- Fix incorrect authorship checking when processing some activities (CVE-2024-37903, [GHSA-xjvf-fm67-4qc3](https://github.com/mastodon/mastodon/security/advisories/GHSA-xjvf-fm67-4qc3)) +- Fix ongoing streaming sessions not being invalidated when application tokens get revoked ([GHSA-vp5r-5pgw-jwqx](https://github.com/mastodon/mastodon/security/advisories/GHSA-vp5r-5pgw-jwqx)) +- Update dependencies + +### Changed + +- Change preview cards generation to skip unusually long URLs ([oneiros](https://github.com/mastodon/mastodon/pull/30854)) +- Change search modifiers to be case-insensitive ([Gargron](https://github.com/mastodon/mastodon/pull/30865)) +- Change `STATSD_ADDR` handling to emit a warning rather than crashing if the address is unreachable ([timothyjrogers](https://github.com/mastodon/mastodon/pull/30691)) +- Change PWA start URL from `/home` to `/` ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/27377)) + +### Fixed + +- Fix scheduled statuses scheduled in less than 5 minutes being immediately published ([danielmbrasil](https://github.com/mastodon/mastodon/pull/30584)) +- Fix encoding detection for link cards ([oneiros](https://github.com/mastodon/mastodon/pull/30780)) +- Fix `/admin/accounts/:account_id/statuses/:id` for edited posts with media attachments ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/30819)) + ## [4.1.17] - 2024-05-30 ### Security diff --git a/docker-compose.yml b/docker-compose.yml index 6dde096d22f..1d4bb1b1c7a 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -56,7 +56,7 @@ services: web: build: . - image: ghcr.io/mastodon/mastodon:v4.1.17 + image: ghcr.io/mastodon/mastodon:v4.1.18 restart: always env_file: .env.production command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" @@ -77,7 +77,7 @@ services: streaming: build: . - image: ghcr.io/mastodon/mastodon:v4.1.17 + image: ghcr.io/mastodon/mastodon:v4.1.18 restart: always env_file: .env.production command: node ./streaming @@ -95,7 +95,7 @@ services: sidekiq: build: . - image: ghcr.io/mastodon/mastodon:v4.1.17 + image: ghcr.io/mastodon/mastodon:v4.1.18 restart: always env_file: .env.production command: bundle exec sidekiq diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb index 3e2a11f14bf..627f3dc97f0 100644 --- a/lib/mastodon/version.rb +++ b/lib/mastodon/version.rb @@ -13,7 +13,7 @@ module Mastodon end def patch - 17 + 18 end def flags |