forked from glitch-soc/mastodon
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
types.pl upgrade to v3.5.5 #8
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ionathanch
changed the title
types.pl upgrade to v3.5.5 (#7)
types.pl upgrade to v3.5.5 (Issue #7)
Nov 17, 2022
ionathanch
changed the title
types.pl upgrade to v3.5.5 (Issue #7)
types.pl upgrade to v3.5.5
Nov 17, 2022
omfg WHY is yarn.lock always missing |
…on#18760) * Add tests * Fix crash when a remote Flag activity mentions a private post
…stodon#20388) The Blurhash library used by Mastodon requires an input encoded as 24 bits raw RGB data. The conversion to raw RGB using Imagemagick did not previously specify the desired bit depth. In some situations, this leads Imagemagick to output in a pixel format using less bpp than expected. This then manifested as segfaults of the Sidekiq process due to out-of-bounds read, or potentially a (highly noisy) memory infoleak. Fixes mastodon#19235.
…todon#20640) Signed-off-by: Claire <claire.github-309c@sitedethib.com> Signed-off-by: Claire <claire.github-309c@sitedethib.com>
mastodon#20641) Signed-off-by: Claire <claire.github-309c@sitedethib.com> Signed-off-by: Claire <claire.github-309c@sitedethib.com>
…b UI Port 625e086 to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
…n#20677) * Fix front-end emoji tests * Fix nodes order being sometimes mangled when rewriting emoji
Port ccbca50 to glitch-soc Signed-off-by: Claire <claire.github-309c@sitedethib.com>
ionathanch
force-pushed
the
types.pl-3.5.5
branch
from
November 17, 2022 16:14
8464581
to
610d453
Compare
Deployed on a new server, looks like the fix works: https://types.ionathan.ch/@systemu/109399991270401485 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Cherry-picked the glitch-soc commits corresponding to v3.5.5 on Mastodon (https://github.com/mastodon/mastodon/commits/v3.5.5), see #7 for deets
The five most recent commits cherry-picked are a security fix for the vulnerability described here: https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp