See Here, Here and Here for information about the current situation and the exploits being used.

— UPDATE

Lemm.ee Admin @sunarus responded Here, TLDR is that Lemm.ee isn’t vulnerable, would advise reading the message if you’re still concerned.

  • aCosmicWave@lemm.ee
    link
    fedilink
    arrow-up
    10
    ·
    1 year ago

    You rock! Sorry if this is a stupid question, but if both instances are running the same version of Lemmy, why would lemmy.world be affected but not lemm.ee?

    • TWeaK@lemm.ee
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      It should be said that the version number is more of an indication than anything specific. I don’t think it would be hard for an instance to spoof its version number.

      Also, lemm.ee in particular has a few mods and tricks that might not be in the lemmy codebase yet - @[email protected] has previously included new code he has pushed to the main stack before it has been accepted. This allowed us to have working versions of things before other instances.

      Point being, two instances with the same version can have different code and implementations.