[ blog ]
PeerTube Updated to 8.2.2
published
We’ve updated P.LU to PeerTube 8.2.2.
PeerTube 8.2.2, published on July 2, 2026, is the kind of release admins should not leave sitting in the queue. Upstream’s note is short: administrators should upgrade immediately, and the affected range is PeerTube 8.2.1 and earlier.
Security
The PeerTube 8.2.2 release notes say this release fixes vulnerabilities ranging from medium to high severity in PeerTube <= 8.2.1. It also includes security hardening.
Upstream has not published CVE identifiers, affected endpoints, exploit details, or a technical write-up yet. The same release note says those details will be added in a few weeks. Until then, the useful admin fact is the version boundary.
For P.LU, that was enough. We were on PeerTube 8.2.1, inside the affected range, so we patched before the disclosure window instead of waiting for more detail.
Bug fixes
Security is the reason to update. The release also fixes a few rough edges:
- Plugin helpers
loadByIdOrUUIDandloadByIdOrUUIDWithFilesnow accept short UUIDs - Restricted embeds can now render on the origin instance
- Failed move jobs no longer hit an invalid state error
- Video caption management now uses the missing mutex lock
- Firefox embeds no longer break when a tab loads in the background
- The collapse and expand menu icon behaves correctly in right-to-left layouts
These are small fixes, but small fixes are where public instances lose time. Embeds, captions, plugin helpers, and move jobs are the sort of things people notice after they have already broken.
Upgrade notes
P.LU moved directly from PeerTube 8.2.1 to 8.2.2, so there were no intermediate PeerTube releases to fold in.
Upstream does not list new runtime requirements or configuration changes for 8.2.2. After deploying the new tag, the checks are plain: confirm the running version, restart the PeerTube services, and keep an eye on captions, embeds, and move jobs during normal use.
Official release link
That is the whole update. P.LU is on 8.2.2, and we will revisit the changelog if upstream publishes more security detail later.
[ share ]