Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking
Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

arstechnica.com
Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

It looks like SDF's Mastodon instance (v4.0.2) is vulnerable, and requires patching to either 4.1.3 or 4.0.5. I don't want to back-seat admin, but I know the SDF crew have a lot on their plate. Are they aware of this vulnerability?
EDIT: The instance has now been updated to v4.0.5!