[1.0.3] - 2019-07-31

Security

  • OStatus: eliminate the possibility of a protocol downgrade attack.
  • OStatus: prevent following locked accounts, bypassing the approval process.
  • TwitterAPI: use CommonAPI to handle remote follows instead of OStatus.

Fixed

  • pleroma_ctl not detecting the master branch properly. If you get "Releases are built only for master and develop branches" error when updating, please add - to the end of the line in releases/start_erl.data