this post was submitted on 12 Jan 2024

Heads up everyone! 10/10 in GitLab:

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.

The vendor strongly recommends updating all vulnerable versions of the DevSecOps platform as soon as possible (manual update required for self-hosted installations) and warns that if "no specific deployment type (omnibus, source code, helm chart, etc.) of a product is mentioned, this means all types are affected."

https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-zero-click-account-hijacking-vulnerability/

[–] [email protected] 1 points 10 months ago

@[email protected]

Stick to read-only for now.

[–] [email protected] 1 points 10 months ago

@[email protected] Thank you, this was timely and I really appreciate these notices.