From 998e9cedd3fcbfa55146ba3f2b7c497dfb7efec9 Mon Sep 17 00:00:00 2001 From: Claire Date: Mon, 8 Dec 2025 16:20:24 +0100 Subject: [PATCH] Bump version to v4.2.28 (#37164) --- CHANGELOG.md | 10 ++++++++++ docker-compose.yml | 6 +++--- lib/mastodon/version.rb | 2 +- 3 files changed, 14 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index a0d7b3f5014..6c27aca0a2b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,16 @@ All notable changes to this project will be documented in this file. +## [4.2.28] - 2025-12-08 + +### Security + +- Fix inconsistent error handling leaking information on existence of private posts ([GHSA-gwhw-gcjx-72v8](https://github.com/mastodon/mastodon/security/advisories/GHSA-gwhw-gcjx-72v8)) + +### Fixed + +- Fix old previously-undiscovered posts being treated as new when receiving an `Update` (#36848 by @ClearlyClaire) + ## [4.2.27] - 2025-10-13 ### Security diff --git a/docker-compose.yml b/docker-compose.yml index ceb0c4d7926..56fea4eec8b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -56,7 +56,7 @@ services: web: build: . - image: ghcr.io/mastodon/mastodon:v4.2.27 + image: ghcr.io/mastodon/mastodon:v4.2.28 restart: always env_file: .env.production command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" @@ -77,7 +77,7 @@ services: streaming: build: . - image: ghcr.io/mastodon/mastodon:v4.2.27 + image: ghcr.io/mastodon/mastodon:v4.2.28 restart: always env_file: .env.production command: node ./streaming @@ -95,7 +95,7 @@ services: sidekiq: build: . - image: ghcr.io/mastodon/mastodon:v4.2.27 + image: ghcr.io/mastodon/mastodon:v4.2.28 restart: always env_file: .env.production command: bundle exec sidekiq diff --git a/lib/mastodon/version.rb b/lib/mastodon/version.rb index 4474714f5fc..257c04648fe 100644 --- a/lib/mastodon/version.rb +++ b/lib/mastodon/version.rb @@ -13,7 +13,7 @@ module Mastodon end def patch - 27 + 28 end def default_prerelease