Merge branch 'simplepolicy-announce-leak' into 'develop'

SimplePolicy: filter nested objects, fixes #2582 Closes #2582 See merge request pleroma/pleroma!3376
author: feld <feld@feld.me> 2021-05-28 19:05:13 +0000
committer: feld <feld@feld.me> 2021-05-28 19:05:13 +0000
commit: 359ded086c99c364ab6342a6c5007f251cd0ff24 (patch)
tree: accf82166ff68b8318ea79e4bbc044a1818d9cb8 /CHANGELOG.md
parent: c44dd05f64fd9af16d70a60788c6760a8168a4de (diff)
parent: cea44b6b3ebac3976699d2460ae53d8506b86445 (diff)
download: pleroma-359ded086c99c364ab6342a6c5007f251cd0ff24.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index eacba0208..feac7b1c3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -33,6 +33,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 - Applying ConcurrentLimiter settings via AdminAPI
 - User login failures if their `notification_settings` were in a NULL state.
 - Mix task `pleroma.user delete_activities` query transaction timeout is now :infinity
+- MRF (`SimplePolicy`): Embedded objects are now checked. If any embedded object would be rejected, its parent is rejected. This fixes Announces leaking posts from blocked domains.
 - Fixed some Markdown issues, including trailing slash in links.
 
 ## [2.3.0] - 2020-03-01
author	feld <feld@feld.me>	2021-05-28 19:05:13 +0000
committer	feld <feld@feld.me>	2021-05-28 19:05:13 +0000
commit	359ded086c99c364ab6342a6c5007f251cd0ff24 (patch)
tree	accf82166ff68b8318ea79e4bbc044a1818d9cb8 /CHANGELOG.md
parent	c44dd05f64fd9af16d70a60788c6760a8168a4de (diff)
parent	cea44b6b3ebac3976699d2460ae53d8506b86445 (diff)
download	pleroma-359ded086c99c364ab6342a6c5007f251cd0ff24.tar.gz