Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

That doesn't mean you shouldn't try to contain the blast radius.