Mastodon security update 4.1.3
-
"️ We are planning to release important security fixes for #Mastodon on July 6th, between 13:00 and 15:00 UTC. They will be available for the 4.1, 4.0 and 3.5 versions as well as a nightly release, to make the upgrade as small and painless for everyone as possible. Be ready to upgrade!"
https://mastodon.social/@Mastodon/110644992947398414 -
Just received this mail from join Mastodon.
As you may be aware, we are going to release critical security updates on July 6th, between 13:00 UTC and 15:00 UTC.
These updates will be available as 4.1.3, 4.0.5, and 3.5.9, and the fixes will also be merged into the main branch and in a Docker build tagged nightly-2023-07-06-security.
Those updates address critical security issues that were uncovered during a security audit, and we have no reason to believe have been exploited in the wild.
If your server is managed by masto.host, fedi.monster, or Spacebear, you have nothing to do, as we are already in contact with them
-
-
You can always track https://git.cloudron.io/cloudron/mastodon-app/
(but yes, it's getting updated as we speak)
-
Thanks @girish - it'll be funny to see if Cloudron or the official Docker image will be completed first. You can still win the race
Mastodon announced that they will publish details about the security issues after they have released the Docker image. -
It's out now.
edit: did I win ?
-
-