(For older security updates, see #2594 and #2620)

As you may be aware, Mastodon released a major security update on Friday, Feb 16.

The vulnerability affects pretty much any Mastodon version and glitch-soc is affected too.

The patches are now available for glitch-soc.

Docker images tagged nightly.2024-02-17-security are available with the fixes.

Older glitch-soc versions

The fixes have been merged into glitch-soc's main branch, but I'm aware glitch-soc not having proper releases, people are likely to use older versions.

Therefore, patches have also been ported for specific breakpoints (see #2525 for a description of most of these breakpoints). If you can't update to latest glitch-soc, try to find the version closest to your current deployment:

• 8c76a20 (2024-02-06): branch glitch-soc/security/8c76a208ed30cc1bd54262302b2aed27ae142509
• 915cd36 (2024-01-19): branch glitch-soc/security/915cd36ac11fc9d6fd221d68ed5b0749b88c7348
• 5f86184 (2024-01-13): branch glitch-soc/security/5f8618443c694e24577f722968c118162c86212c
• 19e1465 (2023-12-27): branch glitch-soc/security/19e14654ccde8fb8e8412d3f4575bbcff3184a33
• f96e713 (2023-12-22): branch glitch-soc/security/f96e71352244b1fb43fe1cdf6ec7608f7486d29d
• f425a1e (2023-12-20): branch glitch-soc/security/f425a1e6378bd4fbed568100f0c26acfc6db8fd9
• 1885637 (2023-12-18): branch glitch-soc/security/18856371be8603b7f720afaf8500b656c4667573
• 59893a4 (2023-10-27): branch glitch-soc/security/59893a4eabb7edc836a6fe87e0fcad62e56d66ed
• d0d06c9 (2023-09-21): branch glitch-soc/security/d0d06c99dcd6280797807fc846910ef4ed1d6ef8