This issue is already quite widely publicized and quite frankly “we’re handling it and removing this” is a much more harmful response than I would hope to see. Especially as the admins of that instance have not yet upgraded the frontend version to apply the urgent fix.
It’s not like this was a confidential bug fix, this is a zero day being actively exploited. Please be more cooperative and open regarding these issues in your own administration if you’re hosting an instance. 🙏
This is my take on it. I am running Lemmy in a docker using the dessalines image. I hope that there will be an update come this afternoon.
There’s already an update available, but it’s for
lemmy-ui
notlemmy
. Just update the tag to0.18.2-rc.1
and you’ll have this fix.This is probably a dumb question but I used the Ansible install for Lemmy and just did a git pull and --become again but UI wasn’t updated so I assume 0.18.2 isn’t in release yet (which is fine) but is there documentation on updating UI? I see where it’s showing in the docker-compose.yml file but I am uncertain what to do after changing it there (or if that’s the right place to change it).
Yep, that’s the plan! Thanks for letting me know. Lemmy is awesome and I am having so much fun with it. I expect it only to get better as the days and weeks progress.
This is probably a dumb question but I used the Ansible install for Lemmy and just did a git pull and --become again but UI wasn’t updated so I assume 0.18.2 isn’t in release yet (which is fine) but is there documentation on updating UI? I see where it’s showing in the docker-compose.yml file but I am uncertain what to do after changing it there (or if that’s the right place to change it).
There is already an update. 0.18.2-rc1
You can apply it now.
I will have to wait until I can get home from work. Work does deep packet inspection and blocks SSH. I’ve tried doing SSH on port 993, one I know for a fact is open because I get my email that way on my phone and I still get a connection refused. Bunch of fascists!
Woah seriously
Yep, seriously!
You could try using a VPN or some other kind of proxy which wraps your SSH traffic to prevent packet inspection. Then it should look like normal UDP traffic ;)
They block UDP traffic too. I tried some things like that.
Given how strict it is, I assume your company implements some sort of certification such as ISO27001 and really stick their gun on it? So, can you like, not using your company’s wifi on your phone if it’s heavily monitored? Or is the cell reception poor at your office?
I use my employer’s guest wifi. Right now I can’t afford adding the hotspot to my plan.
No need to enable hotspot on your phone. Just install Termux from f-droid if you’re on android, or Prompt if you’re on iOS, and use SSH directly from your phone.
This is probably a dumb question but I used the Ansible install for Lemmy and just did a git pull and --become again but UI wasn’t updated so I assume 0.18.2 isn’t in release yet (which is fine) but is there documentation on updating UI? I see where it’s showing in the docker-compose.yml file but I am uncertain what to do after changing it there (or if that’s the right place to change it).