X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=CHANGELOG.md;h=ebbbc3be8d2cf82189e86ba99c3f708013bedb42;hb=c977a27043b350fa5c134460f9e91f5d9c1d3f79;hp=a9ee14f0ec9670d7be553ba84f21697a84acd556;hpb=d15d55eda2c2e4672090460e13be675bd9e38631;p=akkoma

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a9ee14f0e..ebbbc3be8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,9 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Fixed
 - Updated `no_empty` MRF to not error when recieving misskey markdown
 
+### Security
+- Ensure local-only statuses do not get leaked
+
 ## 2.5.1
 
 ### Added
@@ -64,7 +67,19 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ### Removed
 
-## 2.4.1 - 2021-08-29
+### Security
+- Private `/objects/` and `/activities/` leaking if cached by authenticated user
+- SweetXML library DTD bomb
+
+## 2.4.2 - 2022-01-10
+
+### Fixed
+- Federation issues caused by HTTP pool checkout timeouts
+- Compatibility with Elixir 1.13
+
+### Upgrade notes
+
+1. Restart Pleroma
 
 ### Changed
 - Make `mix pleroma.database set_text_search_config` run concurrently and indefinitely