Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Hollo @hollo@hollo.social

7/17/2025, 2:22:27 AM

Public

🚨 Security Update: Hollo 0.6.5 Released

We've released #Hollo 0.6.5 with a critical #security fix for CVE-2025-53941, addressing an HTML injection vulnerability in federated posts.

Please #update immediately to protect your instance from potential phishing and XSS attacks.

How to update:

Railway: Go to deployments → click three dots → Redeploy
Docker: docker pull ghcr.io/fedify-dev/hollo:latest and restart
Manual: git pull origin stable && pnpm install and restart server

Release Hollo 0.6.5 · fedify-dev/hollo

Released on Juily 17, 2025. Fixed an HTML injection vulnerability where form elements, scripts, and other potentially dangerous HTML tags in federated posts were not properly sanitized before rend...

github.com · GitHub

If you have a fediverse account, you can quote this note from your own instance. Search https://hollo.social/@hollo/01981630-ae67-7005-a7bd-4ab04e215cf0 on your instance and quote it. (Note that quoting is not supported in Mastodon.)