Lauren Weinstein on Nostr: The Gods of Mastodon went ahead and released a major security update to #Mastodon ...
The Gods of Mastodon went ahead and released a major security update to #Mastodon today, July 4, Independence Day -- one of the most major U.S. holidays, when families are out and about and administrators are unlikely to be around to apply the upgrade quickly as the scope of the issues becomes widely known.
They did this despite calls from security professionals not to do major security releases on major holidays unless there was significant active exploitation of the bugs, which does not appear to be the case for this release -- at least up to the time today that they released the code showing the exploits!
You can find the release info here:
https://github.com/mastodon/mastodon/releases/tag/v4.2.10
THIS is one of the reasons why Mastodon will never be a major player, because it is being handled like an amateur toy, not a professional system for people to rely on for anything of any importance at all.
I could never in good faith recommend Mastodon/Fediverse as anything other than a plaything. So much potential being flushed down the sewer unnecessarily.
They did this despite calls from security professionals not to do major security releases on major holidays unless there was significant active exploitation of the bugs, which does not appear to be the case for this release -- at least up to the time today that they released the code showing the exploits!
You can find the release info here:
https://github.com/mastodon/mastodon/releases/tag/v4.2.10
THIS is one of the reasons why Mastodon will never be a major player, because it is being handled like an amateur toy, not a professional system for people to rely on for anything of any importance at all.
I could never in good faith recommend Mastodon/Fediverse as anything other than a plaything. So much potential being flushed down the sewer unnecessarily.