Security
- Fix incorrect permission checking on multiple API endpoints (GHSA-58x8-3qxw-6hm7)
- Fix incorrect authorship checking when processing some activities (CVE-2024-37903, GHSA-xjvf-fm67-4qc3)
- Fix ongoing streaming sessions not being invalidated when application tokens get revoked (GHSA-vp5r-5pgw-jwqx)
Krzysztof Dmowski /
npub1cg…wc26s
2024-07-04 17:54:24
in reply to nevent1q…5d95
Author Public Key
npub1cg33cc9yxt9dmd45jun73gdhn2etwmqa7rf5qcnfc2l5gnfra5us2wc26sPublished at
2024-07-04 17:54:24Event JSON
{
"id": "2dd703411320b5c7b5a5750ed19a562f96921f78c4682734a35e142b4b68776e",
"pubkey": "c2231c60a432caddb6b49727e8a1b79ab2b76c1df0d3406269c2bf444d23ed39",
"created_at": 1720115664,
"kind": 1,
"tags": [
[
"e",
"7a25e08f42a49cdc97ffb65dba0c06ad2313553aa30766eb0cf27a06330a02ae",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://101010.pl/users/xaphanpl/statuses/112729500165913918",
"activitypub"
]
],
"content": "Security\n- Fix incorrect permission checking on multiple API endpoints (GHSA-58x8-3qxw-6hm7)\n- Fix incorrect authorship checking when processing some activities (CVE-2024-37903, GHSA-xjvf-fm67-4qc3)\n- Fix ongoing streaming sessions not being invalidated when application tokens get revoked (GHSA-vp5r-5pgw-jwqx)",
"sig": "84f865390a79b07d476712425838e8feb22605cd6d599ab1d20b708521e9c0de48e5cf29b606aff2f7d6728f76baf1a751a66e7ff78ea927ccb6f9489d882aa2"
}