Conversation

Notices

1.  (mint@ryona.agency)'s status on Monday, 07-Aug-2023 20:50:36 JST 
   
   cheese.png
   • LS (lain@lain.com)'s status on Monday, 07-Aug-2023 21:01:42 JST LS

     in reply to
     @mint :pensiverat:
   • PC-9801 Enjoyer (pawlicker@bae.st)'s status on Monday, 07-Aug-2023 21:13:55 JST PC-9801 Enjoyer

     in reply to
     @mint bluesky: the nuthouse of social media
      likes this.
   •  (mint@ryona.agency)'s status on Thursday, 31-Aug-2023 05:22:11 JST 

     in reply to
     Thanks to some shared insider info, it's more topical than ever. Let's just say attributedTo is very important.
   • burner (burner@norwoodzero.net)'s status on Thursday, 31-Aug-2023 05:30:10 JST burner

     in reply to
     next big vuln I'll probably just turn my instance off until it's fixed
   •  (mint@ryona.agency)'s status on Thursday, 31-Aug-2023 05:30:10 JST 

     in reply to

     • burner
     @burner If you're singleuser, there's once again nothing to worry about.
   • burner (burner@norwoodzero.net)'s status on Thursday, 31-Aug-2023 05:31:05 JST burner

     in reply to
     okay cool
     
     I'm glorified single user, yeah
      likes this.
   • teknomunk (teknomunk@apogee.polaris-1.work)'s status on Thursday, 31-Aug-2023 05:40:41 JST teknomunk

     in reply to

     • burner
     @mint @burner Most of these recent vulnerabilities have only been exploitable if there are multiple people on the server, right?
     
     Every time a new vulnerability is announced, I start worrying if I introduced the same vulnerability into my server.
      likes this.
   •  (mint@ryona.agency)'s status on Thursday, 31-Aug-2023 05:47:32 JST 

     in reply to

     • teknomunk
     • burner
     @teknomunk @burner This vulnerability, if it can be called so (as another guy just pointed out, this might've been more of an open secret; scopes are just suggestions), has more to do with Pleroma's internal representation of some metadata. If you aren't blindly copying its schema, it should be fine.
   • † top dog :pedomustdie: (dcc@annihilation.social)'s status on Thursday, 31-Aug-2023 05:50:54 JST † top dog :pedomustdie:

     in reply to

     • teknomunk
     • burner
     @mint @teknomunk @burner Whats the new (real) vulnerability?
   •  (mint@ryona.agency)'s status on Thursday, 31-Aug-2023 05:50:54 JST 

     in reply to

     • teknomunk
     • † top dog :pedomustdie:
     • burner
     @dcc @teknomunk @burner Not saying unless the original reporter (the little sister) is willing so.
   • :blank: (i@declin.eu)'s status on Thursday, 31-Aug-2023 05:51:22 JST :blank:

     in reply to

     • teknomunk
     • † top dog :pedomustdie:
     • burner
     @dcc @teknomunk @burner @mint sequential numbers considered harmful
      likes this.
   • burner (burner@norwoodzero.net)'s status on Thursday, 31-Aug-2023 05:59:24 JST burner

     in reply to

     • teknomunk
     @mint @teknomunk does this affect Akkoma and other forks as well?
   •  (mint@ryona.agency)'s status on Thursday, 31-Aug-2023 05:59:24 JST 

     in reply to

     • teknomunk
     • burner
     @burner @teknomunk I believe so. None of them changed this behavior to my knowledge.