There is some information about a vulnerability in the Lemmy frontend.
So I have questions for the SDF mods and admins.
- Has this affected our instance in any way?
- Has the fix been applied to our frontend?
Or is our instance like the Elusive Joe, and we’re not so big yet that we’re worth hacking?
Earlier this morning all four lemmy (lemmy.sdf.org, lemmy.sdfeu.org lemmy.sdfjp.org and lemmy.sdfcn.org) instances were updated to UI: 0.18.2-rc.1 BE: 0.18.1-10-g9c2490d4f.
Oh, exactly! There’s a pinned post in the community that reports Lemmy version updates on the server.
This seems like a rather new situation. The Github links below seem to mention that other instances were also suffering problems.
https://github.com/LemmyNet/lemmy-ui/issues/1895
https://github.com/LemmyNet/lemmy-ui/pull/1897
It appears like a fix was only made available about an hour ago.
https://github.com/LemmyNet/lemmy-ui/issues/1895#issuecomment-1629219976
changing your settings (which shows your e-mail)
Do some instances require an email address? SDF didn’t when I signed up, which I thought was awesome.
Some do. E.g. lemmy.world.
For some instances, email can be filled and isn’t mandatory. E.g. beehaw.org.
