What is Nostr?
Taggart :donor: /
npub14xx…cfzw
2024-07-03 16:19:11
in reply to nevent1q…5dan

Taggart :donor: on Nostr: Misskey and forks are vulnerable. > The recent CVE-2024-29510 vulnerability (Remote ...

Misskey and forks are vulnerable.

> The recent CVE-2024-29510 vulnerability (Remote Code Execution in Ghostscript) has been found to be exploitable against Sharkey and other Misskey-based software under specific environments. This is not a vulnerability in Sharkey itself, but in an optional dependency that may be installed as a system library. The official Sharkey docker images are not vulnerable, but bare-metal installations may be affected.
>
> An instance may be vulnerable if:
> - libgs and imagemagick are both installed.
> - libgs is older than 10.02.1, 10.01.2, 9.55.0, or 9.50.
>
> __To check the version of libgs:__
> - Execute dpkg -l | grep -P "ii\s+libgs\d".
> - If no results are found, then libgs is not installed and not vulnerable.
> - If the third column starts with 10.02.1, 10.01.2, 9.55.0, or 9.50, then libgs is patched and not vulnerable.
> - Otherwise, libgs is vulnerable.
>
> To patch the vulnerability:
> - Update libgs to the latest available version. The instructions will vary between environments.
Author Public Key
npub14xx8pgqrkzr5wg8afzflp2724gjyvyxurhrfyk9739fu892p2evqhwcfzw