[....] Establishing neural uplink.... [....] Copyright MementoMoriSoft (c) 1999 [....] The following uplink is protected under international copyright law. [....] Unauthorized reproduction of this uplink is punishable by death. [....] [....] ☠☠☠ RUNNING PIRATE.EXE ☠☠☠ [....] PATCHING OUT LICENSE VERIFICATION. [....] REPLACING UPLINK SERVER. [....] [....] Uplink port match: female. Adjusting biological processes accordingly. [....] Alternate username detected: noirscape. [ ✓ ] Neural uplink has been established. Welcome. [....] Your username is: glitch.
- OEmbed preview parsing could lead to XSS. - A bug that allowed users to upload files anywhere the Mastodon app could write to was squashed. - It was possible to read-timeout the HTTP workers by constantly delaying requests. - Something about how it’s possible to craft a misleading verified URL using formatting. (I don’t quite think this is a security issue, more a user issue but fine, whatever).
for anyone wondering, the mastodon security advisories got posted.
- OEmbed preview parsing could lead to XSS. - A bug that allowed users to upload files anywhere the Mastodon app could write to was squashed. - It was possible to read-timeout the HTTP workers by constantly delaying requests. - Something about how it’s possible to craft a misleading verified URL using formatting. (I don’t quite think this is a security issue, more a user issue...