oooooh it’s time
iiiiit’s time
i mean i usually release second saturday of the month but i’m busy next week so now it is - it’s release day!
New stuff
Arm64 builds!!!
oh yeah arm builds. amd64 move over, OTP releases now support the aarch64 architecture! many vps providers are starting to offer ARM servers at a reduced cost, so this may well be a nice cheap way for people to run instances.
The new flavours can be found in the installation docs
OTP Release base distributions updated
our old amd64 OTP release was built on debian bullseye, which since the last release has become oldstable. Hence, OTP releases are now built on bookworm (currently debian stable)
The alpine build is also now built on 3.18 as a base
!!IMPORTANT if you run ALPINE (<3.18), DEBIAN BULLSEYE (11), or UBUNTU FOCAL (20) - you must upgrade your system to run the newest OTP builds.
ALL OTP builds now require OpenSSLv3 to run.
On the upside, Debian bookworm and Ubuntu Jammy are now compatible! you won’t have to do anything though, i’m releasing identical builds under the old amd64-ubuntu-jammy flavour for ease of transition.
Full support for elixir 1.15
New elixir version, new fun and games. The latest release brings full support for the latest release, which should keep us nice and up to date with language-side security fixes and other such stuff. So if you build from source, feel free to update your environment. 1.14 is still entirely supported so don’t feel like you have to immediately though.
Please note that erlang OTP26 is not officially supported as yet - whilst I believe it should work, due to how it changes map ordering, it fails tests and I cannot guarantee 100% that it’s fine, so if you can, try to stick to OTP25.
A whole bunch of security-releated fixes
There’s been a few recently, huh?
The details of these fixes aren’t particularly interesting, but the cliff notes are:
- Added OnlyMedia upload filter, which will deny the upload of anything that isn’t explicitly a media file
- Added AnonymizeFilename upload filter to apply to everything. No more path traversal…
- Disabled any form of XML external entity loading
Some accessiblity functionality on the frontend
The prefers-reduced-motion browser setting will be honoured in a load of places now, which should make life easier if you’re not a fan of animations all over the place.
And more
As usual, a full list of changes can be found on the changelog
Upgrade
Same as ever! Updating your instance - Akkoma Documentation
Please note the above comments on OTP! Debian 11, Ubuntu 20 and alpine <3.18 users bewaaaaare!
OTP users beware! If your instance “crashes” with a runtime error, do make sure to read it, it’s telling you your config permissions are bad and tells you how to rectify that.
Thankies
I have quite a lot to give out this month
- yukijoou, mergan and SukinoVERSΞ for fixes on the frontend! thanks!
- Mae@is.badat.dev for being the whitehat we all need
- Norm, Oneric for documentation fixes!
- ilja for the above and also letting me bounce silly things off you in IRC
- the forklift driver for being certified as ever
- people that helped co-ordinate vulnerability fixes, it’s very helpful!