Automated changelog update [skip ci]

CHANGELOG.md

@@ -57,6 +57,7 @@ The following sections list the changes for unreleased.
 
 ## Summary
 
+* Bugfix - Removed 'OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME' setting: [#104](https://github.com/owncloud/ocis/pull/104xx)
 * Bugfix - Generate short tokens to be used as access tokens for WOPI: [#10391](https://github.com/owncloud/ocis/pull/10391)
 * Bugfix - Fix put relative wopi operation for microsoft: [#10403](https://github.com/owncloud/ocis/pull/10403)
 * Bugfix - Make SSE keepalive interval configurable: [#10411](https://github.com/owncloud/ocis/pull/10411)
@@ -64,6 +65,19 @@ The following sections list the changes for unreleased.
 
 ## Details
 
+* Bugfix - Removed 'OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME' setting: [#104](https://github.com/owncloud/ocis/pull/104xx)
+
+   The config option 'OCM_OCM_PROVIDER_AUTHORIZER_VERIFY_REQUEST_HOSTNAME' was
+   removed from the OCM service. The additional security provided by this setting
+   is somewhat questionable and only provided in very specific setups.
+
+   We are not going through the normal deprecation process for this setting, as it
+   was never really working anyway. If you have this setting in your configuration,
+   it will be ignored. You can safely remove it.
+
+   https://github.com/owncloud/ocis/issues/10355
+   https://github.com/owncloud/ocis/pull/104xx
+
 * Bugfix - Generate short tokens to be used as access tokens for WOPI: [#10391](https://github.com/owncloud/ocis/pull/10391)
 
    Currently, the access tokens being used might be too long. In particular,