GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    h12o (h12o@mastodon.tokyo)'s status on Thursday, 15-Feb-2024 10:35:43 JST h12o h12o

    #Mastodon が依存するRailsパッケージのひとつ、sidekiq-unique-jobsのXSS sidekiq-unique-jobs UI server vulnerability( GHSA-cmh9-rx85-xj38 , CVE-2024-25122)等の対応でMastodon v4.2.6・v4.1.14・v4.0.14・v3.5.18がリリースされています。

    今回は攻撃概念実証(PoC)も出ているので攻撃はすぐにでも始められてしまうため、急ぎアップデートが求められます。

    - v4.2.6 https://github.com/mastodon/mastodon/releases/tag/v4.2.6

    In conversation Thursday, 15-Feb-2024 10:35:43 JST from mastodon.tokyo permalink

    Attachments

    1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
      Release v4.2.6 · mastodon/mastodon
      ⚠️ This release is an important security release fixing several security issue. Corresponding security releases are available for the 4.1.x branch, the 4.0.x branch and the 3.5.x branch. If you a...

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.