notestock
2023年9月20日
他の年の同じ日
次の年
2023-09-20 00:10:25 2023-09-20 00:11:43
notestock 公開ページリンク

🚨 Mastodon security patch released

The :mastodon: Mastodon team has released new versions that fix major security issues.
It is strongly recommended that admins upgrade to the latest version of their branch ASAP.

More information about the security patches are available in the changelog:
4.1.8 github.com/mastodon/mastodon/r
4.0.10 github.com/mastodon/mastodon/r
3.5.14 github.com/mastodon/mastodon/r
4.2.0-rc2 github.com/mastodon/mastodon/r

⬇️ More info below

https://github.com/mastodon/mastodon/releases/tag/v4.1.8
Release v4.1.8 · mastodon/mastodon
https://github.com/mastodon/mastodon/releases/tag/v4.0.10
Release v4.0.10 · mastodon/mastodon
https://github.com/mastodon/mastodon/releases/tag/v3.5.14
Release v3.5.14 · mastodon/mastodon
https://github.com/mastodon/mastodon/releases/tag/v4.2.0-rc2
Release v4.2.0-rc2 · mastodon/mastodon
2023-09-20 00:18:00
notestock 公開ページリンク

Three vulnerabilites are mentioned in the changelogs:
- Fix incorrect URL normalization (CVE-2023-42450)
GHSA-hcqf-fw2r-52g4: github.com/mastodon/mastodon/s
- Fix missing HTML sanitization in translation API (CVE-2023-42452)
GHSA-2693-xr3m-jhqr: github.com/mastodon/mastodon/s
- Fix incorrect domain name normalization (CVE-2023-42451)
GHSA-v3xf-c9qf-j667: github.com/mastodon/mastodon/s

It seems that the security advisories on GitHub haven't been published yet.

https://github.com/mastodon/mastodon/security/advisories/GHSA-hcqf-fw2r-52g4
Server-side request forgery
https://github.com/mastodon/mastodon/security/advisories/GHSA-2693-xr3m-jhqr
Stored XSS through the translation feature
https://github.com/mastodon/mastodon/security/advisories/GHSA-v3xf-c9qf-j667
Invalid domain name normalization
2023年9月20日
2023年9月21日
他の年の同じ日
次の年
2023-09-21 00:46:32
notestock 公開ページリンク

New :mastodon: Mastodon bugfix releases

v4.1.9 & v4.0.11 have been released to fix a post translation issue that was introduced in yesterday's update

Check out the changelog for your branch:
4.1.9 github.com/mastodon/mastodon/r
4.0.11 github.com/mastodon/mastodon/r

https://github.com/mastodon/mastodon/releases/tag/v4.1.9
Release v4.1.9 · mastodon/mastodon
https://github.com/mastodon/mastodon/releases/tag/v4.0.11
Release v4.0.11 · mastodon/mastodon
2023-09-21 23:59:27
notestock 公開ページリンク

:mastodon: Mastodon v4.2.0 is officially released!

After months of development and testing, the v4.2 branch is ready for widespread deployment.

➡️ github.com/mastodon/mastodon/r
🎉 Thanks to everyone who contributed and made this release possible!

The changelog provides a comprehensive list of changes, with the most important items highlighted.
Consult the Upgrade overview and Upgrade notes sections to learn more about upgrading to this version.

https://github.com/mastodon/mastodon/releases/tag/v4.2.0
Release v4.2.0 · mastodon/mastodon
2023年9月21日
2023年9月22日
他の年の同じ日
次の年
2023-09-22 00:38:46
notestock 公開ページリンク

A new blog post by @Gargron explains the most important user-facing changes in v4.2:
📰 blog.joinmastodon.org/2023/09/

https://blog.joinmastodon.org/2023/09/mastodon-4.2/
Mastodon 4.2
2023年9月22日