Michael Stanclift on Nostr: Mastodon patches which address CVE-2024-23832 have been released. It addresses a flaw ...
Mastodon patches which address CVE-2024-23832 have been released. It addresses a flaw in ActivityPub origin validation.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23832
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
(More details forthcoming)
4.2.5
https://github.com/mastodon/mastodon/releases/tag/v4.2.5
4.1.13
https://github.com/mastodon/mastodon/releases/tag/v4.1.13
4.0.13
https://github.com/mastodon/mastodon/releases/tag/v4.0.13
3.5.17
https://github.com/mastodon/mastodon/releases/tag/v3.5.17
#MastoAdmin running 4.2 or higher should get alerts in their dashboards and via email to apply this critical update.
Docker images:
https://hub.docker.com/r/tootsuite/mastodon
https://github.com/orgs/mastodon/packages?repo_name=mastodon
The Mastodon team has created patches for major forks so Glitch, Hometown, and Fedibird should also have updates.
#MastoAdmin
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23832
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw
(More details forthcoming)
4.2.5
https://github.com/mastodon/mastodon/releases/tag/v4.2.5
4.1.13
https://github.com/mastodon/mastodon/releases/tag/v4.1.13
4.0.13
https://github.com/mastodon/mastodon/releases/tag/v4.0.13
3.5.17
https://github.com/mastodon/mastodon/releases/tag/v3.5.17
#MastoAdmin running 4.2 or higher should get alerts in their dashboards and via email to apply this critical update.
Docker images:
https://hub.docker.com/r/tootsuite/mastodon
https://github.com/orgs/mastodon/packages?repo_name=mastodon
The Mastodon team has created patches for major forks so Glitch, Hometown, and Fedibird should also have updates.
#MastoAdmin