Bobinas P4G
  • Login

  • Public

    • Public
    • Groups
    • Popular
    • People

Conversation

Notices

  1. jejune :abunhdhappy: (kaniini@pleroma.site@pleroma.site)'s status on Thursday, 23-Aug-2018 01:44:36 UTC jejune :abunhdhappy: jejune :abunhdhappy:
    pleroma folks: update your instances NOW.

    there is a serious denial of service vulnerability that is trivial to leverage: if an attacker sends an otherwise valid Activity to us without a valid ID, pleroma will wind up inserting a node into it's object graph with an empty ID.

    if you cannot rebase your tree on latest, the necessary patches are here: https://git.pleroma.social/pleroma/pleroma/merge_requests/286.
    In conversation Thursday, 23-Aug-2018 01:44:36 UTC from pleroma.site permalink

    Attachments


    • 御園はくい repeated this.

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • Privacy
  • Source
  • Version
  • Contact

Bobinas P4G is a social network. It runs on GNU social, version 2.0.1-beta0, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All Bobinas P4G content and data are available under the Creative Commons Attribution 3.0 license.