Page MenuHomePhabricator

Recent Posts

requests-cache security incident

Written by RhinosF1 on Fri, Mar 26, 6:12 PM in General.

At 16:38 on 26 March 2021, Automated monitoring alerted our team via Synk that a packaged used on our Beta instance was vulnerable to Arbitrary Code Execution. Within an hour, we determined there was no risk.

Read more...

HTTPS by default

Written by RhinosF1 on Fri, Mar 26, 5:46 PM in General.

As of today (16 March 2021), @RhinosF1 was able to confirm with HSTS Preload that we are now on the list.

Read more...

Continued migration of services from *.miraheze.wiki to *.mirahezebots.org domain

Written by Dmehus on Mar 5 2021, 2:14 PM in General.

As noted by the MirahezeBots system administrators in this status update, system maintenance is planned for approximately 60-90 minutes on 8 March 2021 from 10:25 AM-11:50 AM.

Read more...

Announcing MirahezeBot version 9.1.1

Written by Dmehus on Feb 26 2021, 3:20 PM in General.

A small update from the MirahezeBots team...version 9.1.1 has been deployed. You can see the changelog update here in this commit. It's essentially a minor update to correct some development prerequisites that had been preventing causing errors alongside channelmgnt v2 and core developer installs. As such, expect version 10.0.0 to be a robust, feature-rich update.

Read more...

New Volunteers

Written by RhinosF1 on Feb 24 2021, 7:43 PM in General.

24 FEBRUARY 2021

Read more...

12 October 2020 Security incident

Written by RhinosF1 on Oct 12 2020, 8:54 PM in General.

At 18:40 UK time 12 October 2020, A malicious user exploited a security bug (T117: [CVE-2020-15251] makemodechange failed to check access on restricted changes for self actions allowing ACL bypass {Version 9.0.0 - 9.0.2}) on our production channel in front of us.

Read more...