Lemmy 0.18.2 Security Release
Lemmy 0.18.2 Security Release
Thanks for releasing it so quickly!
This "sunaruas" sounds like a cool guy 😛
Somebody should give that guy a raise!
Glad to see Lemmy is responding quick to exploits. Does Lemmy have a plan to prevent any other exploits that may be lying around such as a routine security audit?
All the code is open source, everyone is welcome to look through it for potential problems and report/fix them. we dont have any money to pay for a professional audit. Maybe there are some organizations which would do audits of open source projects for free, might be worth searching for.
We use sonarqube for code analysis that is pretty nice and has a community edition. It isn't a bullet proof solution, but it is pretty convenient for maintainers and reviewers of PRs. The only thing missing from the enterprise edition are useless flashy dashboards to show to people who don't understand computers
Given that the exploit was literally yesterday, you guys are damn fast!
Yeah this was a fast turnaround, they did a great job. Autocorrect messed me up
Thanks for the prompt fixes
Thank you for reacting so quickly!
Thanks!
Thanks for the quick update on this!
Hey one quick question.. the Ansible playbook doesn't look like it's been updated to 0.18.2 or at least the instructions don't state how to pull it. Any chance this could get fixed/clarified in the release notes?
Its updated: https://github.com/LemmyNet/lemmy-ansible/blob/main/VERSION
You need to run git pull in the repo and then rerun ansible.
is it me or front is broken?
