nostr:npub1wahdrf28uf5n5tykfeyzf43sdgg65djvm8re3ulpentr3teaxujs09xc8t ty for the fixes. i updated fluf club and it seems to be running again. do you have any recommendations about regenerating config files if there's a chance that remote attackers may have accessed downloaded something like prod.secret.ex? is that a possibility?
Another Pleroma issue has been found, similar to yesterday's but this one also affects single user instances. Please update your servers once more, akkoma also has the same patch.
https://pleroma.social/announcements/2023/08/05/pleroma-security-release-2.5.4/
Thanks again to everyone involved in reporting and fixing this!
Discussion
nostr:npub106dam65ww9ztdqj26xvh08dyuc7lj7nmkrtrujwsmyq2n6g3r33saq3m89 lanodan wrote about it here: https://lain.com/notice/AYQCyWT0vMQueVa1HE