From 45b52146ff24d94c541326fabf512272d7f30f9b Mon Sep 17 00:00:00 2001 From: tituspijean Date: Wed, 5 Jul 2023 00:42:48 +0200 Subject: [PATCH 1/3] [autopatch] Fix Host and X-Forwarded-For header spoofing --- conf/nginx.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 748f7f1..25c3a7e 100755 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,7 +4,7 @@ location / { proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; + proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://127.0.0.1:__PORT__; From c7838f9ebce7f94503f14fba7f8f3e7802024470 Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 4 Aug 2023 18:04:17 +0000 Subject: [PATCH 2/3] Upgrade to v2.5.3 --- conf/amd64.src | 4 ++-- conf/arm64.src | 4 ++-- conf/armhf.src | 4 ++-- manifest.json | 2 +- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/conf/amd64.src b/conf/amd64.src index e8796bd..edf6fee 100644 --- a/conf/amd64.src +++ b/conf/amd64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/234433/artifacts/download?file_type=archive -SOURCE_SUM=8ef0bea62671d39e60f9e08d13109a4c332c552a1f855184063353987d46c84a +SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/238904/artifacts/download?file_type=archive +SOURCE_SUM=d390b3e21328d51cee185b0f574d5e79adfed6805c15a2686ec764147c6c8019 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true diff --git a/conf/arm64.src b/conf/arm64.src index 0530ecd..b906b26 100644 --- a/conf/arm64.src +++ b/conf/arm64.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/234437/artifacts/download?file_type=archive -SOURCE_SUM=2e2622a7a50284573fbb3dc66f0510c03d19403ab1e23d6b5dce7bddc11fca95 +SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/238908/artifacts/download?file_type=archive +SOURCE_SUM=716ab18cbe69c4e82df390a94f91b45681ad53a7410fc46678412a44d96d3b72 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true diff --git a/conf/armhf.src b/conf/armhf.src index d6b71cf..c470827 100644 --- a/conf/armhf.src +++ b/conf/armhf.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/234449/artifacts/download?file_type=archive -SOURCE_SUM=abab2ad69704b999dbe1b995ce12aabc8069d9620ca332ecc621b20826d6db97 +SOURCE_URL=https://git.pleroma.social/pleroma/pleroma/-/jobs/238906/artifacts/download?file_type=archive +SOURCE_SUM=ec7ef8a0dd92325b2e61cd03772a078c28ae72cac4728570e79c73a4ef7c80d4 SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index d34f590..e28d014 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Federated social networking server built on open protocols", "fr": "Serveur de réseautage social fédéré basé sur des protocoles ouverts" }, - "version": "2.5.2~ynh1", + "version": "2.5.3~ynh1", "url": "https://pleroma.social/", "upstream": { "license": "AGPL-3.0-only", From fdd3d0fae2dc22d7adce03c0d0ba6ca93c9f5fab Mon Sep 17 00:00:00 2001 From: yunohost-bot Date: Fri, 4 Aug 2023 18:04:23 +0000 Subject: [PATCH 3/3] Auto-update README --- README.md | 2 +- README_fr.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index cd978ce..8d8b5e6 100644 --- a/README.md +++ b/README.md @@ -23,7 +23,7 @@ For user friendly details about Pleroma: [see here](https://blog.soykaf.com/post **Mastodon web front-end for Pleroma:** Add **/web** in front of your Pleroma domain, eg. pleroma.domain.tld/web -**Shipped version:** 2.5.2~ynh1 +**Shipped version:** 2.5.3~ynh1 ## Screenshots diff --git a/README_fr.md b/README_fr.md index 229b50d..d9e9408 100644 --- a/README_fr.md +++ b/README_fr.md @@ -23,7 +23,7 @@ Pour des informations plus détaillées sur Pleroma voir [What is Pleroma](https **Interface utilisateur Mastodon pour Pleroma :** Ajouter `/web` à la fin du nom de domaine (URL) de votre installation, par exemple : `https://pleroma.domain.tld/web` -**Version incluse :** 2.5.2~ynh1 +**Version incluse :** 2.5.3~ynh1 ## Captures d’écran