NIXPKGS-2026-0893
GitHub issue
published on
by @LeSuisse Activity log
- Created automatic suggestion
- @LeSuisse removed package discourse-mail-receiver
- @LeSuisse removed package python312Packages.pydiscourse
- @LeSuisse removed package python313Packages.pydiscourse
- @LeSuisse removed package python314Packages.pydiscourse
- @LeSuisse removed package grafanaPlugins.grafana-discourse-datasource
- @LeSuisse accepted
- @LeSuisse published on GitHub
Discourse: Category group moderators can perform actions on topics in restricted categories without read access
Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to before 2026.2.2, and 2026.3.0-latest to before 2026.3.0, category group moderators could perform privileged actions on topics inside private categories they did not have read access to. This issue has been patched in versions 2026.1.3, 2026.2.2, and 2026.3.0.
References
Affected products
discourse
- ==>= 2026.2.0-latest, < 2026.2.2
- ==>= 2026.1.0-latest, < 2026.1.3
- ==>= 2026.3.0-latest, < 2026.3.0
Matching in nixpkgs
pkgs.discourse
Discourse is an open source discussion platform
Package maintainers
-
@talyz Kim Lindberger <kim.lindberger@gmail.com>