From 85e0961c6bef2b4e105e5f9e74f7ad42bf07dbd8 Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Tue, 22 Feb 2022 15:25:55 +0100
Subject: [PATCH] Update changelog

---
 CHANGELOG.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9abc75cb6..41175af40 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -34,6 +34,11 @@
  * Add ability for admins to specify `youtube-dl`/`yt-dlp` python binary path [#4706](https://github.com/Chocobozzz/PeerTube/pull/4706)
  * PeerTube server startup is faster
 
+### Security
+
+  * Check video privacy before listing or accepting captions, comments or rates
+  * Check video import target URL does not resolve to internal IP. This technique has some limits so if you have private HTTP services on your server/network publicly accessible, we recommend to use a proxy or a dedicated interface for PeerTube
+
 ### CLI tools
 
  * Also remove HLS files when using `prune-storage` script
@@ -101,6 +106,9 @@
  * Prevent video import on non unicast ips
  * Improve markdown to plain text converter, especially when handling lists
  * Fix scheduled publication on upload
+ * Fix youtube-dl max buffer size error
+ * Hide remote subscribe if user is logged in
+ * Fix video file `storage` column inconsistency
 
 
 ## v4.0.0