Email or username:

Password:

Forgot your password?
All posts dansup's posts Post Back to profile
dansup

🚨 Pixelfed admins: please update ASAP to v0.11.11

More information will be published on Feb 25 to give admins time to update.

github.com/pixelfed/pixelfed/s

#pixelfed #security #release

10 February at 4:08 | Open on mastodon.social
10 comments
Mitex Leo
Dallas Groot
Oliver :apple_inc:

@dansup β˜‘οΈ - thanks for the info!

10 February at 5:12 | Open on norse.social
Max

@dansup no offense, but you're saying to update asap, but they you're saying that you want to give admins time to update? i kinda find that rather inconsistent

10 February at 5:49 | Open on furry.engineer
dansup

@mdwalters We want to give admins time to update before disclosing more info about the security vulnerability. This is common practice

Cc @thisismissem

10 February at 5:50 | Open on mastodon.social
Emelia πŸ‘ΈπŸ»

@dansup @mdwalters this is actually consistent with best practices: update immediately / as soon as possible, but we're aware people may take some time to upgrade, so we're allowing two weeks before releasing details.

Here's the advisory: github.com/pixelfed/pixelfed/s

10 February at 5:54 | Open on hachyderm.io
Yaksh Bariya

@thisismissem @dansup @mdwalters doesn't the git commit history already reveal everything? I'm not familiar with pixelfed's codebase, but it wont take me a lot of time to figure it out.

10 February at 9:29 | Open on mastodon.social
Emelia πŸ‘ΈπŸ»

@CodingThunder @dansup @mdwalters not necessarily, but if you do go looking, we ask that you keep anything you learn to yourself & wait for the official information on the 25th February.

10 February at 11:22 | Open on hachyderm.io
SuperMoosie
Daniel

@dansup @milan @Cedara FYI ⬆️ , pixel.tchncs ist noch auf 0.11.9

10 February at 23:18 | Open on social.tchncs.de
Go Up