Hollo :hollo: @hollo@hollo.social
Public

🚨 보안 업데이트: Hollo 0.6.5 릴리스

CVE-2025-53941 취약점을 해결하는 0.6.5를 릴리스했습니다. 연합 게시물의 HTML 주입 취약점이 수정되었습니다.

피싱 및 XSS 공격으로부터 인스턴스를 보호하기 위해 즉시 업데이트해 주세요.

업데이트 방법:

  • Railway: 배포 탭 → 점 세 개 클릭 → Redeploy
  • Docker: docker pull ghcr.io/fedify-dev/hollo:latest 후 재시작
  • 수동: git pull origin stable && pnpm install 후 서버 재시작

Released on Juily 17, 2025. Fixed an HTML injection vulnerability where form elements, scripts, and other potentially dangerous HTML tags in federated posts were not properly sanitized before rend...

Release Hollo 0.6.5 · fedify-dev/hollo

Released on Juily 17, 2025. Fixed an HTML injection vulnerability where form elements, scripts, and other potentially dangerous HTML tags in federated posts were not properly sanitized before rend...

github.com · GitHub

Hollo :hollo: @hollo@hollo.social
Public

🚨 セキュリティアップデート:Hollo 0.6.5 リリース

CVE-2025-53941のセキュリティ脆弱性を修正したHollo 0.6.5をリリースしました。連合投稿のHTMLインジェクション脆弱性が修正されています。

フィッシングやXSS攻撃からインスタンスを保護するため、今すぐアップデートしてください

アップデート方法:

  • Railway:デプロイメント → 縦3点クリック → Redeploy
  • Docker:docker pull ghcr.io/fedify-dev/hollo:latest して再起動
  • 手動:git pull origin stable && pnpm install してサーバー再起動

Released on Juily 17, 2025. Fixed an HTML injection vulnerability where form elements, scripts, and other potentially dangerous HTML tags in federated posts were not properly sanitized before rend...

Release Hollo 0.6.5 · fedify-dev/hollo

Released on Juily 17, 2025. Fixed an HTML injection vulnerability where form elements, scripts, and other potentially dangerous HTML tags in federated posts were not properly sanitized before rend...

github.com · GitHub

1
1
0

If you have a fediverse account, you can quote this note from your own instance. Search https://hollo.social/@hollo/01981632-8469-7236-ac75-fbf22b5be0e2 on your instance and quote it. (Note that quoting is not supported in Mastodon.)