[freifunk-public] Critical vulnerability in Gluon - Bugfix release on Thursday, 2022-05-05

[TheGoliath]

Hi everyone,

we have recently found a critial security vulnerability in Gluon, making a
timely update of all nodes necessary.

The bugfix has not been pushed to the public Gluon repository yet to avoid
disclosing information on this issue. A detailed advisory will be published
at the same time as Gluon 2021.1.2, which will contain the fix.

The release is scheduled for the evening of Thursday, 2022-05-05. As all
previous Gluon releases are affected, we will also provide bugfix backports
for various older release branches that are still in use, regardless of
end-of-life status.

-- NeoRaider

Source:https://lists.freifunk.net/pipermail/firmware-devel-freifunk.net/2022-May/000240.html

I just wanted to send a quick heads up to all Freifunk & Funkfeuer communities, although there
will be some that don't use Gluon as their base firmware.This is also a good time to consider
updating to the latest 2021.1.x version of Gluon, as a significant number of
communities are still running on older versions.

Further documentation can be found here:https://gluon.readthedocs.io/en/latest/

If you have any questions, please feel free to join IRC (see:https://gluon.readthedocs.io/en/latest/dev/basics.html).

Kind regards,
TheGoliath
-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <https://lists.hacksaar.de/pipermail/freifunk-public/attachments/20220503/399a2813/attachment.htm>