This issue is already quite widely publicized and quite frankly “we’re handling it and removing this” is a much more harmful response than I would hope to see. Especially as the admins of that instance have not yet upgraded the frontend version to apply the urgent fix.

It’s not like this was a confidential bug fix, this is a zero day being actively exploited. Please be more cooperative and open regarding these issues in your own administration if you’re hosting an instance. 🙏

  • Guy Fleegman@startrek.website
    link
    fedilink
    English
    arrow-up
    13
    ·
    1 year ago

    Ahh, ok. That’s helpful, thanks!

    This is going to seem silly in the context of such a severe exploit but one quirk about our instance is that we literally do not have a “general discussion” /c/. The biggest one is scoped to Star Trek and so a Lemmy exploit is obviously outside the scope of … Star Trek. I would wager that’s the main reason the mod removed the post, but I will admit that just pointing this out, I feel like the forum mod from the short story Wikihistory.

    I’m in contact with the admins who manage the hosting, they are coordinating an update 0.18.2-rc1 as we speak. Also, there’s already been some discussion about setting up a general discussion /c/ on our instance and so I’ll include instance security in the scope of that /c/.

    You mentioned elsewhere in this thread there is a Lemmy admins Matrix room. Is my instance big enough for my admins to be invited? If yes, who can I point them at to get in?

    • andrew@lemmy.stuart.funOP
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      That’s definitely good to hear! Timely upgrades for the bigger communities will be important.

      Afaik the Lemmy Matrix rooms are all public. I wasn’t invited myself; just found them via Matrix search and jumped in.