There is some information about a vulnerability in the Lemmy frontend.
So I have questions for the SDF mods and admins.
- Has this affected our instance in any way?
- Has the fix been applied to our frontend?
Or is our instance like the Elusive Joe, and we’re not so big yet that we’re worth hacking?
This seems like a rather new situation. The Github links below seem to mention that other instances were also suffering problems.
https://github.com/LemmyNet/lemmy-ui/issues/1895
https://github.com/LemmyNet/lemmy-ui/pull/1897
It appears like a fix was only made available about an hour ago.
https://github.com/LemmyNet/lemmy-ui/issues/1895#issuecomment-1629219976
Earlier this morning all four lemmy (lemmy.sdf.org, lemmy.sdfeu.org lemmy.sdfjp.org and lemmy.sdfcn.org) instances were updated to UI: 0.18.2-rc.1 BE: 0.18.1-10-g9c2490d4f.
Oh, exactly! There’s a pinned post in the community that reports Lemmy version updates on the server.
changing your settings (which shows your e-mail)
Do some instances require an email address? SDF didn’t when I signed up, which I thought was awesome.
Some do. E.g. lemmy.world.
For some instances, email can be filled and isn’t mandatory. E.g. beehaw.org.
