v4.6.0-beta.1

WarningThis is a pre-release! This has not been as widely tested as regular releases, although it is still tested on some servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will,...

https://github.com/glitch-soc/mastodon/releases/tag/v4.6.0-beta.1

#glitchsoc #glitch #mastodon #mastoadmin

Today I had the issue of not being able to login to my fedisocial.de instance anymore, which is authenticating against LDAP. Yesterday I switched to #glitchsoc and apparently it's either an issue with glitchsoc itself or with thet new base of Mastodon v4.6 beta.

If you are running the latest glitch-soc/Mastodon on Rails 8 / Ruby 3+ and your LDAP login suddenly breaks with an Error 500, you are likely hitting a

FrozenError.The Issue: FrozenError (can't modify frozen Hash) in app/models/concerns/user/ldap_authenticable.rb:61The Cause: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS is now frozen by default. The .tap block trying to inject verify_mode directly triggers the crash.

The Fix: Create a mutable copy using .dup before calling .tap on the parameters:rubytls_options: OpenSSL::SSL::SSLContext::DEFAULT_PARAMS.dup.tap { |options| options[:verify_mode] = OpenSSL::SSL::VERIFY_NONE if Devise.ldap_tls_no_verify },

Tested & works on my instance. Hope this saves someone a headache!

As I don't have any Github account anymore and there doesn't seem to be a mail address for bug reports... maybe a developer finds this...

#glitch #mastoadmin

Theoretisch funktionieren Collections bzw. Sammlungen in der Meerjungfrauengrotte, seitdem wir auf die erste Beta von Mastodon 4.6 (+glitch) aktualisiert haben.

In der Praxis hakt es leider noch. Nicht alle Accounts, die es in ihren Einstellungen aktiviert haben, können tatsächlich in Sammlungen aufgenommen werden.

Ich weiß leider nicht, woran es hakt.

Im Prinzip sollte es reichen, in "Einstellungen - Datenschutz und Reichweite" die Option "Mich beim Entdecken berücksichtigen" zu aktivieren.

Danach sollte ein anderes Konto das Profil einer Sammlung hinzufügen können. Nur leider klappt das nicht immer.

#Sammlungen #Collections #Mastodon46Update #GlitchSoc

v4.6.0-beta.1

WarningThis is a pre-release! This has not been as widely tested as regular releases, although it is still tested on some servers. If you update to this release, you will not be able to safely downgrade to the existing stable releases. You will,...

https://github.com/glitch-soc/mastodon/releases/tag/v4.6.0-beta.1

#glitchsoc #glitch #mastodon #mastoadmin

v4.4.18

NoteWhile we continue to support Mastodon 4.4 and release patches for it, please note that Mastodon 4.5 is available with new features, changes and fixes. We encourage administrators to update to the latest 4.5 version when they...

https://github.com/glitch-soc/mastodon/releases/tag/v4.4.18

#glitchsoc #glitch #mastodon #mastoadmin

v4.5.11

Changelog Security Fix allowed attribution domains spoofing (GHSA-rwcw-vq68-g34p) Fix uncaught exception in message sanitization causing Denial of Service (GHSA-qrgq-9fx2-vf2r) Update dependencies Fixed Fix remote statuses with large media...

https://github.com/glitch-soc/mastodon/releases/tag/v4.5.11

#glitchsoc #glitch #mastodon #mastoadmin

An alle auf https://lsbt.me

Unsere Instanz ist auf der aktuellsten, stabilen Glitchsoc Version. Damit sind (unter Anderem) folgende kritische Sicherheitslücken behoben und geschlossen:

• Linked-Data Signature bypass through JSON-LD graph restructuring features
• SSRF protection bypass

Viel Spaß! 🙂

LG Christin

#upgrade #update #mastodon #glitchsoc #ssrf #jsonld #lsbt

please share my fren 

#fedi #glitchsoc #mastodon #fediverse #plushtodon