Thank you for your patience yall. It seems our mitigation efforts worked and we were likely never in danger. If you are concerned about other accounts on affected instances, it is unlikely your personal data was breached. Keep a look out for more info on those instances though as they will likely explain things more.
Thanks for working things out and for keeping us up to date!
Can anyone point me to where they’ve hosted the source code to lemmynsfw.com? 👀
and if you want the specific issue that was this vulnerability: https://github.com/LemmyNet/lemmy-ui/issues/1895
I was just curious because https://the-federation.info/platform/73
Shows that the instance is on “0.18.1-nsfwpatch” so I just wanted to know what’s the changes they had to do from the main repo in the patch
for the nsfw patch itself? probably just some code to halt stuff like blur for nsfw posts and the such. i dont think there is much going on changes wise with the patch. otherwise it is just built on top of the lemmy-ui. IMO
Whatever it may be, it would be nice to see the actual changes done 👍🏻
deleted by creator
Good work, team 👍
@gavi@lemmynsfw.com My Account in this instance gets constantly logged out again from Memmy and Mlem. So I suppose that is an lemmynsfw issue, because my other account at another instance just works fine with both apps.
Could this be a fallout of the server update?
Delete and reinstall the apps, its likely due to mitigation procedures we took.
Thanks!
Glad to hear!