Self-hosting

3923 readers

84 users here now

Hosting your own services. Preferably at home and on low-power or shared hardware.

Also check out:

founded 3 years ago

MODERATORS

poVoq@slrpnk.net

sam_uk@slrpnk.net

PSA: If you are running a Matrix homeserver written in Rust, you'll need to upgrade NOW (self.selfhosting)

submitted 7 hours ago* (last edited 6 hours ago) by stratself to c/selfhosting@slrpnk.net

0 comments fedilink hide all child comments

There is a recently discovered critical vulnerability that affects all Matrix homeservers of the Conduit lineage. If you're using a Rust-based Matrix server (which are basically Conduit and forks), please urgently upgrade to the following versions:

continuwuity: version 0.5.0
tuwunel: version 1.4.8
grapevine: commit 9a50c24
conduit: v0.10.10
conduwuit: upgrade to the latest version of either tuwunel or continuwuity

If you're not able to upgrade right now, you should urgently implement this workaround in your reverse proxy.

Attackers exploiting this flaw can arbitrarily kick any user out of a room, join rooms unauthorized on the same server, and can also ban same-server users. They effectively constitute a severe denial of service from an unauthenticated party, and it has been exploited in the wild.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here