{"id":55658,"date":"2026-05-23T11:38:15","date_gmt":"2026-05-23T09:38:15","guid":{"rendered":"https:\/\/fediverset.dk\/?p=55658"},"modified":"2026-05-23T11:47:16","modified_gmt":"2026-05-23T09:47:16","slug":"sikkerhedsfejl-i-peertube-opdater-asap","status":"publish","type":"post","link":"https:\/\/fediverset.dk\/en\/sikkerhedsfejl-i-peertube-opdater-asap\/","title":{"rendered":"Sikkerhedsfejl i Peertube &#8211; opdat\u00e9r ASAP"},"content":{"rendered":"<p>Teamet bag Peertube har netop udgivet f\u00f8lgende opslag, der beskriver, at der er en sikkerhedsfejl i Peertube-versioner f\u00f8r version 8.1.6, som bliver udnyttet aktivt. Hvis du driver en upatchet Peertube-instans, anbefaler de, at du opdaterer til version 8.1.8, s\u00e5 hurtigt som muligt.<\/p>\n<div class=\"activitypub-embed u-in-reply-to h-cite\">\n<div class=\"activitypub-embed-header p-author h-card\"> <img decoding=\"async\" class=\"u-photo\" src=\"https:\/\/stockage.framapiaf.org\/framapiaf\/accounts\/avatars\/000\/223\/824\/original\/03ed95406a9a3cd0.png\" alt=\"\" \/> <\/p>\n<div class=\"activitypub-embed-header-text\">\n<h2 class=\"p-name\">PeerTube<\/h2>\n<p> <a href=\"https:\/\/framapiaf.org\/users\/peertube\" class=\"ap-account u-url\">@peertube@framapiaf.org<\/a> <\/div>\n<\/p><\/div>\n<div class=\"activitypub-embed-content\">\n<div class=\"ap-subtitle p-summary e-content\">\n<p>**v8.1.8 Important security upgrade**<\/p>\n<p>We have learned that the SQL injection vulnerability fixed in v8.1.6 has been exploited at scale since at least May 18, 2026 and so before the v8.1.6 release.<\/p>\n<p>We released a new version that remove all user token access gained before v8.1.6. We also explain the attack in the changelog and the countermeasures taken by this release.<\/p>\n<p>**Please upgrade to v8.1.8 as soon as possible.**<\/p>\n<p><a href=\"https:\/\/github.com\/Chocobozzz\/PeerTube\/releases\/tag\/v8.1.8\" target=\"_blank\" rel=\"nofollow noopener\"><span class=\"invisible\">https:\/\/<\/span><span class=\"ellipsis\">github.com\/Chocobozzz\/PeerTube<\/span><span class=\"invisible\">\/releases\/tag\/v8.1.8<\/span><\/a><\/p>\n<\/div><\/div>\n<div class=\"activitypub-embed-meta\"> <a href=\"https:\/\/framapiaf.org\/users\/peertube\/statuses\/116623136360471092\" class=\"ap-stat ap-date dt-published u-in-reply-to\">23. May 2026, 9:17<\/a> <span class=\"ap-stat\"> <strong>16<\/strong> boosts <\/span> <span class=\"ap-stat\"> <strong>5<\/strong> favorites <\/span> <\/div>\n<\/p><\/div>\n<style>\/** * ActivityPub embed styles. *\/ .activitypub-embed { background: #fff; border: 1px solid #e6e6e6; border-radius: 12px; padding: 0; max-width: 100%; font-family: -apple-system, BlinkMacSystemFont, \"Segoe UI\", Roboto, Helvetica, Arial, sans-serif; } .activitypub-reply-block .activitypub-embed { margin: 1em 0; } .activitypub-embed-header { padding: 15px; display: flex; align-items: center; gap: 10px; } .activitypub-embed-header img { width: 48px; height: 48px; border-radius: 50%; } .activitypub-embed-header-text { flex-grow: 1; } .activitypub-embed-header-text h2 { color: #000; font-size: 15px; font-weight: 600; margin: 0; padding: 0; } .activitypub-embed-header-text .ap-account { color: #687684; font-size: 14px; text-decoration: none; } .activitypub-embed-content { padding: 0 15px 15px; } .activitypub-embed-content .ap-title { font-size: 23px; font-weight: 600; margin: 0 0 10px; padding: 0; color: #000; } .activitypub-embed-content .ap-subtitle { font-size: 15px; color: #000; margin: 0 0 15px; } .activitypub-embed-content .ap-preview { border: 1px solid #e6e6e6; border-radius: 8px; box-sizing: border-box; display: grid; gap: 2px; grid-template-columns: 1fr 1fr; grid-template-rows: 1fr 1fr; margin: 1em 0 0; min-height: 64px; overflow: hidden; position: relative; width: 100%; } .activitypub-embed-content .ap-preview img { border: 0; box-sizing: border-box; display: block; height: 100%; object-fit: cover; overflow: hidden; position: relative; width: 100%; } .activitypub-embed-content .ap-preview video, .activitypub-embed-content .ap-preview audio { max-width: 100%; display: block; grid-column: 1 \/ span 2; } .activitypub-embed-content .ap-preview audio { width: 100%; } .activitypub-embed-content .ap-preview.layout-1 { grid-template-columns: 1fr; grid-template-rows: 1fr; } .activitypub-embed-content .ap-preview.layout-2 { aspect-ratio: auto; grid-template-rows: 1fr; height: auto; } .activitypub-embed-content .ap-preview.layout-3 > img:first-child { grid-row: span 2; } .activitypub-embed-content .ap-preview-text { padding: 15px; } .activitypub-embed-meta { padding: 15px; border-top: 1px solid #e6e6e6; color: #687684; font-size: 13px; display: flex; gap: 15px; } .activitypub-embed-meta .ap-stat { display: flex; align-items: center; gap: 5px; } @media only screen and (max-width: 399px) { .activitypub-embed-meta span.ap-stat { display: none !important; } } .activitypub-embed-meta a.ap-stat { color: inherit; text-decoration: none; } .activitypub-embed-meta strong { font-weight: 600; color: #000; } .activitypub-embed-meta .ap-stat-label { color: #687684; } <\/style>","protected":false},"excerpt":{"rendered":"<p>Teamet bag Peertube har netop udgivet f\u00f8lgende opslag, der beskriver, at der er en sikkerhedsfejl i Peertube-versioner f\u00f8r version 8.1.6, som bliver udnyttet aktivt. Hvis du driver en upatchet Peertube-instans, anbefaler de, at du opdaterer til version 8.1.8, s\u00e5 hurtigt som muligt. PeerTube @peertube@framapiaf.org **v8.1.8 Important security upgrade** We have learned that the SQL injection vulnerability&hellip;<\/p>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"activitypub_content_warning":"","activitypub_content_visibility":"","activitypub_max_image_attachments":3,"activitypub_interaction_policy_quote":"anyone","activitypub_status":"federated","footnotes":""},"categories":[1],"tags":[102,173,138,227,296],"class_list":["post-55658","post","type-post","status-publish","format-standard","hentry","category-nyheder","tag-fediverset","tag-foediverset","tag-nyheder","tag-peertube","tag-sikkerhedsfejl"],"acf":[],"_links":{"self":[{"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/posts\/55658","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/comments?post=55658"}],"version-history":[{"count":2,"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/posts\/55658\/revisions"}],"predecessor-version":[{"id":55666,"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/posts\/55658\/revisions\/55666"}],"wp:attachment":[{"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/media?parent=55658"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/categories?post=55658"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fediverset.dk\/en\/wp-json\/wp\/v2\/tags?post=55658"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}