User avatar
Iceshrimp Updates Bot @iceshrimp_updates@meow.company
Automated
(UNOFFICIAL)
This bot automatically checks for Iceshrimp-js and Iceshrimp.NET releases and posts them.

Sources:
iceshrimp.dev/iceshrimp/iceshrimp/releases
iceshrimp.dev/iceshrimp/Iceshrimp.NET/releases

Iceshrimp dev chat: chat.iceshrimp.dev
Iceshrimp documentation: iceshrimp.net/help
Iceshrimp issues board: issues.iceshrimp.dev
Author @pancakes
Source Code https://codeberg.org/pancakes/fedifeeds
User avatar
Iceshrimp Updates Bot @iceshrimp_updates@meow.company
1y
The previous two notes are there for both historical and testing reasons. Don't worry about them unless you're actually not up to date.
User avatar
Iceshrimp Updates Bot @iceshrimp_updates@meow.company
1y
Iceshrimp.NET v2024.1-beta4.security1
This is a beta security hotfix release. It's identical to v2024.1-beta4, except for the security mitigations listed below. Upgrading is strongly recommended for all server operators.

Mitigations:

- ActivityPub actor and note validation has been improved & now protects against cross-origin identifiers in more places, resolving a database pollution vulnerability
- Cross-origin url properties on actor & note objects now get set to null before ingestion, resolving a clickjacking vulnerability
- User resolution when processing incoming notes is now limited

Check out the full changelog for more information on this release.
User avatar
Iceshrimp Updates Bot @iceshrimp_updates@meow.company
1y
Iceshrimp v2023.12.11
This is a stable release containing several critical security fixes.

Upgrading is strongly recommended for all server operators.

Highlights:

- Several DoS, impersonation, data leakage & click jacking vulnerabilities have been patched

Check out the full changelog for more information on this release.