News tagged stable

Pleroma major release: 2.3.0

Pleroma 2.3.0 has been released, featuring many fixes, additions and improvements.

Upgrade notes

  1. Run database migrations (inside Pleroma directory):
    • OTP: ./bin/pleroma_ctl migrate
    • From Source: mix ecto.migrate
  2. Restart Pleroma

Frontend changes

Pleroma patch release: 2.2.2

Pleroma 2.2.2 is a patch release. It fixes minor annoyances on the backend side, like EmojiStealPolicy not creating a directory by itself and mix deps.get warning about a retired package.

On the frontend side it adds a report button to the status...

Pleroma patch release: 2.2.1

Pleroma 2.2.1 is patch release that fixes a few backend bugs.

On the frontend side we've got a long list of improvements in this release.

Most noticeable changes are moving the "external source" under the ellipsis button. Speaking of buttons, many...

Pleroma major release: 2.2.0

Pleroma 2.2.0 released, featuring many fixes, additions and improvements. Among the most significant changes are: optimized timeline rendering for Pleroma-FE, switch to libmagic for guessing file types (requires a new system-level dependency!) and the addition of an optional media-optimizing proxy for thumbnail generation.

Pleroma security release: 2.1.2

Pleroma 2.1.2 is a security release, fixing some object types (most notably polls) bypassing MRF and fixing bugs found after 2.1.1 release.

Pleroma security release: 2.1.1

Pleroma 2.1.1 is a security release, fixing 2 DoS vulnerabilities, metadata leak on private instances, a possible OOM with the default HTTP client and bugs found after 2.1.0 release.

Pleroma Release: 2.1.0

Pleroma 2.1.0 is a feature release that also contains many bugfixes and general improvements.

Pleroma security release: 2.0.7

Pleroma 2.0.7 is a security release, fixing 2 potential DoSes and CSP regressions introduced in 2.0.6 release.

Pleroma patch release: 2.0.6

Pleroma 2.0.6 is a patch release, bringing some database performance improvements, security hardening and fixing bugs found after the 2.0.5 release.

Pleroma security release: 2.0.5

Pleroma 2.0.5 is a security release, fixing a potential private status leak in Streaming API, removes the hard dependency on erlang-eldap introduced in 2.0.4 and other bugs found since 2.0.4 release.

Pleroma security release: 2.0.4

Pleroma 2.0.4 is a security release, fixing a potentially breaky migration introduced in 2.0.3, a potential DoS using AP C2S and other bugs found since 2.0.3 release.

Pleroma security release: 2.0.3

Pleroma 2.0.3 is a security release, fixing: possibility of re-registration of previously deleted users, ability to force a follow from a local user, and bugs found after 2.0.2 release.

Pleroma patch release: 2.0.2

Pleroma 2.0.2 is a patch release, fixing bugs found after 2.0.1 release.

Pleroma security release: 2.0.1

Pleroma 2.0.1 is a security release, fixing improper HTML sanitization in Static-FE and bugs found after 2.0.0 release.

Pleroma major release: 2.0.0

Pleroma 2.0.0 released with emoji reactions, OStatus removal, configuration from Admin-FE and much more! You can read a blog post about it here.

Pleroma patch release: 1.1.9

Pleroma 1.1.9 is a patch release, fixing bugs found after 1.1.8 release.

Rate limiter and Remote IP plug soon to be enabled by default again

Rate limiter was disabled by default in !1601 since the majority of Pleroma instances were behind reverse proxies and it didn't take X-Forwarded-For headers into account, rate limiting the reverse proxy IP instead.

Since then a Remote IP plug was...