@kakkokari_gtyih it’s a known akkoma bug (or technically a bug in earmark, the markdown parser it uses) relating to posts beginning with HTML tags that aren’t on their own line

For Akkoma and Pleroma users, this says:

Unofficial Announcement: We just released 2026.5.4-beta.0 of Misskey, which includes important security fixes. Official 2026.5.4, along with security advisory, is expected to be released several hours later due to timezone differences.

RE: https://transfem.social/notes/amhpmefg5yrf003n

@kakkokari_gtyih this post just shows up as "Unofficial Announcement:" on akkoma

@seabass @maddy or you can not bother with JSON-LD at all and remain unaffected like Pleroma and its forks

this article as well as this one from 2018 convinced me that JSON-LD is a bad idea

alright pretty much everyone figured out how it works instantly, and it's been like 40 minutes without mastodon announcing their security release on their fedi profiles despite having the release published on github. heres a post

w.on-t.work/activitypub/may-2026-vulnerability

We just released Mastodon 4.5.10, 4.4.17, and 4.3.23.

These versions contain several medium and high severity security fixes.

Also, please note that this marks the final Mastodon v4.3 update, this branch is now unsupported. If you are still using it, please move to a newer version as soon as possible.

Full release notes and update instructions are available on the GitHub releases page.

https://github.com/mastodon/mastodon/releases

#MastoAdmin

@julia universal? what was the exploit? akkoma did not get an update

@seabass ignoring the broken formatting, all 3 work, but the first takes noticeably longer to resolve (presumably because it's searching the text of all posts for it or something)

@seabass the latter two aren't formatted as links for me

morning!

@kemona_halftau energy consumption can't have been equivalent, how were you measuring it?

if your older laptops didn't have a ULV CPU that would explain the difference. I can't get my ThinkPad T440p (with its 47W TDP definitely-not-ULV i7-4700MQ) to use less than ~15W, but my T480s (with a 15W TDP i5-8250U) uses 2-3W idling with the lid closed. it's a huge difference

(also, nini)

@algernon @pho4cexa @stellarskylark all four of those are already packaged

@pho4cexa @algernon @stellarskylark you might have to write more package definitions, but at least doing is easier with guix than it is with debian

@eloy they forgot the -o in the first gcc invocation in the README (cd pintheft && gcc exp poc.c && ./exp)

@ariadne yes, I agree

@ariadne I suppose that could be the one exception, but I don't really see why the particular characteristic of what genitalia someone has is special or get why people care about other people's genitalia so much. For example, someone might've been traumatized by a person who only had one arm (or any other characteristic, that's just an arbitrary example). Does that mean that we need spaces that exclude people who only have one arm? I don't think so.

new Linux LPE, this time using io_uring. I think it's good to point out this Google security blog from 2023. Sending all kernel commits into an LLM might be somewhat new, the mitigation measures are already old.

also I think io_uring is a very cool technology, it just has it's tradeoffs like everything. That's all :)

@ariadne I do not believe that trans-exclusionary spaces should exist, does that count as demanding access to them?

I switched back to pulseaudio and now it works!?