What type of hardware are you using: VPS bought online
What YunoHost version are you running: 11.3.0.2
What app is this about: spip
Describe your issue
My server got hacked because the spip yunohost package is unmaintained and does as described in Critical security update · Issue #74 · YunoHost-Apps/spip_ynh · GitHub it is not including important security updates published in august 2024 Mise à jour critique de sécurité : sortie de SPIP 4.3.2, SPIP 4.2.16, SPIP (…) - SPIP Blog (RCE so remote execution which is pretty serious).
There are two open pull request that have done the work to upgrade the version (simple version and hash) : version 4.2.16 by arthurlutz · Pull Request #77 · YunoHost-Apps/spip_ynh · GitHub for minor version change, and Update manifest.toml spip 4.3.3 by vincent-lucy · Pull Request #76 · YunoHost-Apps/spip_ynh · GitHub for a major version.
What is the process for people stepping up to maintain an app like that ? Are there any telemetry indications as to how many installations are impacted by this problem ?
Share relevant logs or error messages
n/a