security: update mastodon to 4.2.10 #212

Merged
teutat3s merged 1 commit from mastodon-4.2.10 into main 2024-07-05 10:16:39 +00:00
Owner

Early pull in mastodon security update.

https://github.com/mastodon/mastodon/releases/tag/v4.2.10

* Fix incorrect permission checking on multiple API endpoints (GHSA-58x8-3qxw-6hm7)
* Fix incorrect authorship checking when processing some activities (CVE-2024-37903, GHSA-xjvf-fm67-4qc3)
* Fix ongoing streaming sessions not being invalidated when application tokens get revoked (GHSA-vp5r-5pgw-jwqx)
Early pull in mastodon security update. https://github.com/mastodon/mastodon/releases/tag/v4.2.10 ``` * Fix incorrect permission checking on multiple API endpoints (GHSA-58x8-3qxw-6hm7) * Fix incorrect authorship checking when processing some activities (CVE-2024-37903, GHSA-xjvf-fm67-4qc3) * Fix ongoing streaming sessions not being invalidated when application tokens get revoked (GHSA-vp5r-5pgw-jwqx) ```
teutat3s requested review from b12f 2024-07-05 10:00:20 +00:00
teutat3s requested review from hensoko 2024-07-05 10:00:20 +00:00
teutat3s requested review from axeman 2024-07-05 10:00:20 +00:00
hensoko approved these changes 2024-07-05 10:01:28 +00:00
b12f approved these changes 2024-07-05 10:01:30 +00:00
teutat3s force-pushed mastodon-4.2.10 from 54347cfe0e to f8f67b8908 2024-07-05 10:03:20 +00:00 Compare
teutat3s merged commit 9e2d9a06b3 into main 2024-07-05 10:16:39 +00:00
teutat3s deleted branch mastodon-4.2.10 2024-07-05 10:16:39 +00:00
Sign in to join this conversation.
No reviewers
No milestone
No project
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: pub-solar/infra#212
No description provided.