π¨ Pixelfed admins: please update ASAP to v0.11.11
More information will be published on Feb 25 to give admins time to update.
https://github.com/pixelfed/pixelfed/security/advisories/GHSA-gccq-h3xj-jgvf
dansup
π¨ Pixelfed admins: please update ASAP to v0.11.11 More information will be published on Feb 25 to give admins time to update. https://github.com/pixelfed/pixelfed/security/advisories/GHSA-gccq-h3xj-jgvf 10 comments
dansup
@mdwalters We want to give admins time to update before disclosing more info about the security vulnerability. This is common practice
Emelia πΈπ»
@dansup @mdwalters this is actually consistent with best practices: update immediately / as soon as possible, but we're aware people may take some time to upgrade, so we're allowing two weeks before releasing details. Here's the advisory: https://github.com/pixelfed/pixelfed/security/advisories/GHSA-gccq-h3xj-jgvf
Yaksh Bariya
@thisismissem @dansup @mdwalters doesn't the git commit history already reveal everything? I'm not familiar with pixelfed's codebase, but it wont take me a lot of time to figure it out.
Emelia πΈπ»
@CodingThunder @dansup @mdwalters not necessarily, but if you do go looking, we ask that you keep anything you learn to yourself & wait for the official information on the 25th February. |
@dansup Doneβ