Conversation
Notices
-
Oneesan succubus (lain@pleroma.soykaf.com)'s status on Sunday, 06-Aug-2023 00:31:35 JST 
Oneesan succubus
Another Pleroma issue has been found, similar to yesterday's but this one also affects single user instances. Please update your servers once more, akkoma also has the same patch.
https://pleroma.social/announcements/2023/08/05/pleroma-security-release-2.5.4/
Thanks again to everyone involved in reporting and fixing this!-
LS (lain@lain.com)'s status on Sunday, 06-Aug-2023 00:31:30 JST 
LS
@hakui @benis @lain @shpuld why not update then... It's two commands... -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:31:31 JST 
御園はくい
@shpuld @benis @lain i'm on otp.. -
御shp :blobshp: (shpuld@shpposter.club)'s status on Sunday, 06-Aug-2023 00:31:32 JST 
御shp :blobshp:
@hakui @benis @lain just check the commits and apply yourself -
𒐪 (benis@cawfee.club)'s status on Sunday, 06-Aug-2023 00:31:33 JST 
𒐪
@lain oh no, now @hakui will have to upgrade -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:31:33 JST
御園はくい
@benis @lain any way to patch it without updating -
LS (lain@lain.com)'s status on Sunday, 06-Aug-2023 00:36:12 JST
LS
@hakui @benis @lain @shpuld reading your config files with XML fun -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:36:13 JST
御園はくい
@lain @benis @lain @shpuld anyway, what's this new exploit about -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:36:14 JST
御園はくい
@lain @benis @lain @shpuld i suspect updates are a cause of sudden db catastrophical failure -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:45:28 JST
御園はくい
@lain @benis @lain @shpuld what does secret_key_base and signing_salt do again -
LS (lain@lain.com)'s status on Sunday, 06-Aug-2023 00:45:28 JST
LS
@hakui @benis @lain @shpuld secure your cookies -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:54:13 JST
御園はくい
@lain @benis @lain @shpuld and what does an attacker get by getting those
make fake cookies of their own? -
LS (lain@lain.com)'s status on Sunday, 06-Aug-2023 00:54:13 JST
LS
@hakui @benis @lain @shpuld yes -
LS (lain@lain.com)'s status on Sunday, 06-Aug-2023 00:55:18 JST
LS
@hakui @benis @lain @eal @rin @shpuld I can help you with the update if you want, but not today -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:55:19 JST
御園はくい
@shpuld @benis @lain @lain
@eal @rin how did y'all's instances die again -
御園はくい (hakui@tuusin.misono-ya.info)'s status on Sunday, 06-Aug-2023 00:55:20 JST
御園はくい
@shpuld @benis @lain @lain >my problems with upgrade went away by upgrading more
survivorship bias -
御shp :blobshp: (shpuld@shpposter.club)'s status on Sunday, 06-Aug-2023 00:55:20 JST
御shp :blobshp:
@hakui @benis @lain @lain no it was unbearable at 2.4.9 or so, I was afraid 2.5.0 would make it worse but no it fixed perf regressions -
御shp :blobshp: (shpuld@shpposter.club)'s status on Sunday, 06-Aug-2023 00:55:22 JST
御shp :blobshp:
@hakui @benis @lain @lain are you on pg9.6 or something
anyway my problems with upgrade went away by upgrading more, latest versions work just about as smooth as when I started
backup anyway -
cell (cell@pl.ebin.zone)'s status on Sunday, 06-Aug-2023 08:08:22 JST 
cell
@shpuld @benis @lain @lain @hakui 2.4.x nearly killed my instance, but luckily 2.5 fixed the performance regressions LS likes this.
-
All 076萌SNS content and data are available under the