Switching only takes two clicks, so it's fine, I guess (the face of someone about to switch back again)
Three vulnerabilities are mentioned in the changelogs:
- Fix incorrect URL normalization (CVE-2023-42450)
GHSA-hcqf-fw2r-52g4: https://github.com/mastodon/mastodon/security/advisories/GHSA-hcqf-fw2r-52g4
- Fix missing HTML sanitization in translation API (CVE-2023-42452)
GHSA-2693-xr3m-jhqr: https://github.com/mastodon/mastodon/security/advisories/GHSA-2693-xr3m-jhqr
- Fix incorrect domain name normalization (CVE-2023-42451)
GHSA-v3xf-c9qf-j667: https://github.com/mastodon/mastodon/security/advisories/GHSA-v3xf-c9qf-j667
It seems that the security advisories on GitHub haven't been published yet.
🚨 Mastodon security patch released
The Mastodon team has released new versions that fix major security issues.
It is strongly recommended that admins upgrade to the latest version of their branch ASAP.
More information about the security patches is available in the changelog:
4.1.8 https://github.com/mastodon/mastodon/releases/tag/v4.1.8
4.0.10 https://github.com/mastodon/mastodon/releases/tag/v4.0.10
3.5.14 https://github.com/mastodon/mastodon/releases/tag/v3.5.14
4.2.0-rc2 https://github.com/mastodon/mastodon/releases/tag/v4.2.0-rc2
⬇️ More info below