automation: Update mastodon Docker tag to v4.2.9
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| mastodon | patch |
4.2.8 -> 4.2.9
|
Release Notes
mastodon/mastodon (mastodon)
v4.2.9
Security
- Update dependencies
- Fix private mention filtering (GHSA-5fq7-3p3j-9vrf)
- Fix password change endpoint not being rate-limited (GHSA-q3rg-xx5v-4mxh)
- Add hardening around rate-limit bypass (GHSA-c2r5-cfqr-c553)
Added
- Add rate-limit on OAuth application registration (ThisIsMissEm)
- Add fallback redirection when getting a webfinger query
WEB_DOMAIN@WEB_DOMAIN(ClearlyClaire) - Add
digestattribute toAdmin::DomainBlockentity in REST API (ThisIsMissEm)
Removed
- Remove superfluous application-level caching in some controllers (ClearlyClaire)
- Remove aggressive OAuth application vacuuming (ThisIsMissEm)
Fixed
- Fix leaking Elasticsearch connections in Sidekiq processes (ClearlyClaire)
- Fix language of remote posts not being recognized when using unusual casing (ClearlyClaire)
- Fix off-by-one in
tootctl mediacommands (ClearlyClaire) - Fix removal of allowed domains (in
LIMITED_FEDERATION_MODE) not being recorded in the audit log (ThisIsMissEm) - Fix not being able to block a subdomain of an already-blocked domain through the API (ClearlyClaire)
- Fix
Idempotency-Keybeing ignored when scheduling a post (ClearlyClaire) - Fix crash when supplying the
FFMPEG_BINARYenvironment variable (timothyjrogers) - Fix improper email address validation (ClearlyClaire)
- Fix results/query in
api/v1/featured_tags/suggestions(mjankowski) - Fix unblocking internationalized domain names under certain conditions (tribela)
- Fix admin account created by
mastodon:setupnot being auto-approved (ClearlyClaire) - Fix reference to non-existent var in CLI maintenance command (mjankowski)
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot. The local configuration can be found in the local Renovate Bot repository.