2024-02-14 security update
ClearlyClaire opened this issue · comments
(For older security updates, see #2594)
As you may be aware, Mastodon released a critical security update on Wednesday, Feb 14.
The vulnerability affects pretty much any Mastodon version and glitch-soc is affected too.
The patches are now available for glitch-soc.
Docker images tagged nightly.2024-02-15-security
are available with the fixes.
Older glitch-soc versions
The fixes have been merged into glitch-soc's main
branch, but I'm aware glitch-soc not having proper releases, people are likely to use older versions.
Therefore, patches have also been ported for specific breakpoints (see #2525 for a description of most of these breakpoints). If you can't update to latest glitch-soc, try to find the version closest to your current deployment:
- 8c76a20 (2024-02-06): branch glitch-soc/security/8c76a208ed30cc1bd54262302b2aed27ae142509
- 915cd36 (2024-01-19): branch glitch-soc/security/915cd36ac11fc9d6fd221d68ed5b0749b88c7348
- 5f86184 (2024-01-13): branch glitch-soc/security/5f8618443c694e24577f722968c118162c86212c
- 19e1465 (2023-12-27): branch glitch-soc/security/19e14654ccde8fb8e8412d3f4575bbcff3184a33
- f96e713 (2023-12-22): branch glitch-soc/security/f96e71352244b1fb43fe1cdf6ec7608f7486d29d
- f425a1e (2023-12-20): branch glitch-soc/security/f425a1e6378bd4fbed568100f0c26acfc6db8fd9
- 1885637 (2023-12-18): branch glitch-soc/security/18856371be8603b7f720afaf8500b656c4667573
- 59893a4 (2023-10-27): branch glitch-soc/security/59893a4eabb7edc836a6fe87e0fcad62e56d66ed
- d0d06c9 (2023-09-21): branch glitch-soc/security/d0d06c99dcd6280797807fc846910ef4ed1d6ef8