I just wanted to make sure that I don’t have to worry about my Discourse instance right now due to this recently discovered vulnerability in Linux (from twelve years ago! ).
It’s a privilege escalation bug, so you need an existing local user to be able to exploit it. Or pair it with another RCE bug.
That said you should update your server packages ASAP, and we will also release a newer container image this week.
Okay, good to know. Thanks for telling me!
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.