this post was submitted on 10 Jul 2023
39 points (95.3% liked)

Mander

432 readers
3 users here now

founded 2 years ago
MODERATORS
Sal@mander.xyz
39
lemmy.world seems to have been hacked. (mander.xyz)
submitted 1 year ago by fossilesque@mander.xyz to c/mander@mander.xyz
12 comments fedilink hide all child comments
 

You guys may want to avoid it until they can sort it out.

top 10 comments
sorted by: hot top controversial new old
[–] Sal@mander.xyz 19 points 1 year ago* (last edited 1 year ago) (3 children)

Thank you very much for the heads-up! Without this warning I would've gone into my day without patching this...

I've looked looked into it and it turns out that Mander was indeed vulnerable to the exploit, but I can confirm that the exploit was not used here. I've taken the steps that make us no longer vulnerable to this attack. It is best not to release more specific information here because of the nature of the exploit, but if an admin reads this and doesn't know where to find this information they can send me a private message. It is Lemmy-specific, and affects versions >= 0.18.0

EDIT: The details of the vulnerability have now been more publicly released. You can find the details here: https://mander.xyz/post/1080833

[–] GlennMagusHarvey@mander.xyz 3 points 1 year ago

Thank you for being a responsible and responsive admin!

[–] FlyingSquid@mander.xyz 3 points 1 year ago

Thanks as always for your attentiveness and good work!

[–] CamilleMellom@mander.xyz 1 points 1 year ago

Thanks for being so responsive!

[–] SnailMagnitude@mander.xyz 3 points 1 year ago (1 children)

maybe just me....but there is no link

[–] fossilesque@mander.xyz 6 points 1 year ago (1 children)

I did not link it on purpose. To save you time, tl;dr sketchy links and racial slurs.

[–] SnailMagnitude@mander.xyz 1 points 1 year ago (1 children)

seems to have been hacked...I would like a source

sketchy links with racial slurs are better than nothing

[–] Sterile_Technique@kbin.social 7 points 1 year ago (1 children)

Logged in about an hour ago; promptly redirected to an image of two old men giving eachother a blowjob.

Didn't stick around long enough to grab a link lol - lemmy.world is definitely compromised at the moment.

[–] CamilleMellom@mander.xyz 2 points 1 year ago

It seems that the problem is fixed now but the fix is not yet in upstream (should be soon).

load more comments
view more: next ›