Pleroma security release: 2.1.2

Pleroma 2.1.2 is a security release, fixing some object types (most notably polls) bypassing MRF and fixing bugs found after 2.1.1 release.

Pleroma security release: 2.1.1

Pleroma 2.1.1 is a security release, fixing 2 DoS vulnerabilities, metadata leak on private instances, a possible OOM with the default HTTP client and bugs found after 2.1.0 release.

Pleroma Release: 2.1.0

Pleroma 2.1.0 is a feature release that also contains many bugfixes and general improvements.

Pleroma security release: 2.0.7

Pleroma 2.0.7 is a security release, fixing 2 potential DoSes and CSP regressions introduced in 2.0.6 release.

Pleroma patch release: 2.0.6

Pleroma 2.0.6 is a patch release, bringing some database performance improvements, security hardening and fixing bugs found after the 2.0.5 release.

Pleroma security release: 2.0.5

Pleroma 2.0.5 is a security release, fixing a potential private status leak in Streaming API, removes the hard dependency on erlang-eldap introduced in 2.0.4 and other bugs found since 2.0.4 release.

Pleroma security release: 2.0.4

Pleroma 2.0.4 is a security release, fixing a potentially breaky migration introduced in 2.0.3, a potential DoS using AP C2S and other bugs found since 2.0.3 release.

Pleroma security release: 2.0.3

Pleroma 2.0.3 is a security release, fixing: possibility of re-registration of previously deleted users, ability to force a follow from a local user, and bugs found after 2.0.2 release.

Pleroma patch release: 2.0.2

Pleroma 2.0.2 is a patch release, fixing bugs found after 2.0.1 release.

Pleroma security release: 2.0.1

Pleroma 2.0.1 is a security release, fixing improper HTML sanitization in Static-FE and bugs found after 2.0.0 release.

Pleroma major release: 2.0.0

Pleroma 2.0.0 released with emoji reactions, OStatus removal, configuration from Admin-FE and much more! You can read a blog post about it here.

Pleroma patch release: 1.1.9

Pleroma 1.1.9 is a patch release, fixing bugs found after 1.1.8 release.

Rate limiter and Remote IP plug soon to be enabled by default again

Rate limiter was disabled by default in !1601 since the majority of Pleroma instances were behind reverse proxies and it didn't take X-Forwarded-For headers into account, rate limiting the reverse proxy IP instead.

Since then a Remote IP plug was...