Upcoming critical Gitlab security issue

9 points by nerdbaggy 2 years ago · 3 comments · 1 min read


I just got the following email. Security vulnerabilities have never been communicated like this before.

GitLab Security is writing to you to provide advanced notice of an upcoming critical security release scheduled for January 11, 2024. We highly recommend your team is prepared to immediately deploy the security upgrade to all affected self-hosted GitLab instances when the security release is available.

Please monitor the GitLab release page for security release details and upgrade instructions.

Affected GitLab versions:

16.1.0 - 16.5.4

16.6.0 - 16.6.2

16.7.0

Thank you,

The GitLab Security team

nerdbaggyOP 2 years ago

Blog post https://about.gitlab.com/releases/2024/01/11/critical-securi...

mdaniel 2 years ago

The tags are up for it, but no blog post yet: https://gitlab.com/gitlab-org/gitlab/-/tags https://about.gitlab.com/security-releases.xml

https://gitlab.com/gitlab-org/gitlab/-/blob/v16.7.2-ee/CHANG... seems to be the tl;dr although strangely I don't see a v16.7.1-ee tag

  • nerdbaggyOP 2 years ago

    Ohh yup. Looking at the merge it allows people to reset other users' passwords.

    I was also able to update my instance.
