CHANGELOG.md: Add entry for re-registration ban

author rinpatch <rinpatch@sdf.org>

Thu, 30 Apr 2020 21:33:04 +0000 (00:33 +0300)

committer rinpatch <rinpatch@sdf.org>

Sat, 2 May 2020 16:05:13 +0000 (19:05 +0300)
author rinpatch <rinpatch@sdf.org>
Thu, 30 Apr 2020 21:33:04 +0000 (00:33 +0300)
committer rinpatch <rinpatch@sdf.org>
Sat, 2 May 2020 16:05:13 +0000 (19:05 +0300)
diff --git a/CHANGELOG.md b/CHANGELOG.md

index 9279c1af0765745d94e935da99cd7cb664c74c60..d1e7be74e0cb69a715de0d732b1ff6e4d98c7a6a 100644 (file)
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -38,6 +38,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
  
  ## [unreleased-patch]
  ### Security
+- Disallow re-registration of previously deleted users, which allowed viewing direct messages addressed to them
  - Mastodon API: Fix `POST /api/v1/follow_requests/:id/authorize` allowing to force a follow from a local user even if they didn't request to follow
  
  ### Fixed
author	rinpatch <rinpatch@sdf.org>
	Thu, 30 Apr 2020 21:33:04 +0000 (00:33 +0300)
committer	rinpatch <rinpatch@sdf.org>
	Sat, 2 May 2020 16:05:13 +0000 (19:05 +0300)