We are planning to release security patches for versions...

We are planning to release security patches for versions 3.5, 4.0, 4.1 and nightly next Tuesday, Sep 19, at 15:00 UTC. We encourage server administrators to plan for a timely upgrade to ensure their Mastodon server is protected.

Like 15 Sep 2023 at 21:44 | Open on mastodon.social

6 comments

jenbanim

@MastodonEngineering is the 4.2 beta branch affected?

15 Sep 2023 at 21:47 | Open on mastodo.neoliber.al

jenbanim

Pinging @esm in case you didn't see this

15 Sep 2023 at 21:53 | Open on mastodo.neoliber.al

Melroy van den Berg

@MastodonEngineering Using Docker :)... So I only need to do:

```
docker compose pull web
docker compose pull sidekiq
docker compose pull streaming
docker compose run --rm web bundle exec rake db:migrate
```

15 Sep 2023 at 22:00 | Open on mastodon.melroy.org

MikeZ

@MastodonEngineering How do you upgrade from the 4.2.0 RC to the latest nightly, please?

15 Sep 2023 at 22:49 | Open on toot.umiamz.me

💉💉💉🦠JF :debian: :verbike:

@MastodonEngineering At a time when people are running the RC (at your request) it would be nice for it to have a patch as well

16 Sep 2023 at 10:57 | Open on rouge.eu.org

( hellekin )

Following the dramatic announcement of @MastodonEngineering that a security release will be available tomorrow at 15:00,

and due to the unavailability of a sysadmin at this time, we're going down for a couple of days.

Enjoy your life without notifications 😗

Yeah, this https://nvd.nist.gov/vuln/detail/CVE-2023-4863 is going to be harmful for a while.

Who can trust their computers now? If we ever could.

18 Sep 2023 at 8:07 | Open on ps.s10y.eu

Go Up