pub-solar/infra
6
1
Fork 3
Code Issues 23 Pull requests 10 Actions Packages Projects 1 Releases Wiki Activity

security: update mastodon to 4.2.10 #212

Merged
teutat3s merged 1 commit from mastodon-4.2.10 into main 2024-07-05 10:16:39 +00:00
Conversation 0 Commits 1 Files changed 3 +34
teutat3s commented 2024-07-05 10:00:13 +00:00
Owner
Copy link

Early pull in mastodon security update.

https://github.com/mastodon/mastodon/releases/tag/v4.2.10

* Fix incorrect permission checking on multiple API endpoints (GHSA-58x8-3qxw-6hm7)
* Fix incorrect authorship checking when processing some activities (CVE-2024-37903, GHSA-xjvf-fm67-4qc3)
* Fix ongoing streaming sessions not being invalidated when application tokens get revoked (GHSA-vp5r-5pgw-jwqx)
Early pull in mastodon security update. https://github.com/mastodon/mastodon/releases/tag/v4.2.10 ``` * Fix incorrect permission checking on multiple API endpoints (GHSA-58x8-3qxw-6hm7) * Fix incorrect authorship checking when processing some activities (CVE-2024-37903, GHSA-xjvf-fm67-4qc3) * Fix ongoing streaming sessions not being invalidated when application tokens get revoked (GHSA-vp5r-5pgw-jwqx) ```
teutat3s requested review from b12f 2024-07-05 10:00:20 +00:00
teutat3s requested review from hensoko 2024-07-05 10:00:20 +00:00
teutat3s requested review from axeman 2024-07-05 10:00:20 +00:00
hensoko approved these changes 2024-07-05 10:01:28 +00:00
b12f approved these changes 2024-07-05 10:01:30 +00:00
teutat3s force-pushed mastodon-4.2.10 from 54347cfe0e to f8f67b8908 2024-07-05 10:03:20 +00:00 Compare
teutat3s merged commit 9e2d9a06b3 into main 2024-07-05 10:16:39 +00:00
teutat3s deleted branch mastodon-4.2.10 2024-07-05 10:16:39 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
axeman
hensoko
b12f
Labels
Clear labels   
Bug

   
Docs

   
Feature request

   
Good for newcomers

   
Infra

   
Privacy

   
Refactoring or migration

   
Security
No labels
Bug
Docs
Feature request
Good for newcomers
Infra
Privacy
Refactoring or migration
Security
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: pub-solar/infra#212
No description provided.
Delete branch "mastodon-4.2.10"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?