Mastodon, the free and open-source decentralized social networking platform, has patched four vulnerabilities, including a critical one that allows hackers to create arbitrary files on instance-hosting servers using specially crafted media files.
IMHO Mastodon needs to have some kind of automatic update scheme to roll out bugfixes to these kinds of problems quickly … if there are enough instances out there vulnerable to this or any subsequent issues like it, we could end up with a situation where someone starts coopting Mastodon servers as part of botnets and costing their owners a ton of money in bandwidth bills, getting them IP-banned in various places, etc. The only way to fix this is fast automatic updating.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@beehaw.org
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
IMHO Mastodon needs to have some kind of automatic update scheme to roll out bugfixes to these kinds of problems quickly … if there are enough instances out there vulnerable to this or any subsequent issues like it, we could end up with a situation where someone starts coopting Mastodon servers as part of botnets and costing their owners a ton of money in bandwidth bills, getting them IP-banned in various places, etc. The only way to fix this is fast automatic updating.
You wouldn’t root a toot
Were any servers hijacked?