Security and Performance Improvements
https://join-lemmy.org/news/2023-07-11_-_Lemmy_Release_v0.18.2
Latest Backend (BE) Release Candidate (RC)
- Latest Release
Candidate:
https://github.com/LemmyNet/lemmy/releases/tag/0.18.2 - Compare with previous Release:
https://github.com/LemmyNet/lemmy/compare/0.18.1...0.18.2 - Compare with release/v0.18:
https://github.com/LemmyNet/lemmy/compare/0.18.2...release/v0.18
Latest Frontend (UI) Release Candidate (RC)
- Latest Release
Candidate:
https://github.com/LemmyNet/lemmy-ui/releases/tag/0.18.2 - Compare with previous Release:
https://github.com/LemmyNet/lemmy-ui/compare/0.18.1...0.18.2 - Compare with release/v0.18:
https://github.com/LemmyNet/lemmy-ui/compare/0.18.2...release/v0.18
You must log in or # to comment.
BE ➡ 0.18.2-rc.2 | UI ➡ 0.18.2-rc.2
Now using release branches (
release/v0.18
) forBE
andUI
BE ➡ 0.18.2 | UI ➡ 0.18.2
@meldrik@lemmy.wtf
Probably does not hurt to upgrade, despite the fact that we didn’t have any custom emojis.Additionally it disallows inline Javascript using Content Security Policy. This should ensure that XSS vulnerabilities are impossible from now on.
@meldrik@lemmy.wtf If
lemmy.wtf
is using custom emojis, you should probably update to the latest UI Release Candidate, i. e. the latest lemmy-ui docker image.It is not, so we are safe.