
GitLab Releases Address Critical Security Issues

Maintainers of the GitLab source code version control platform have released versions 15.7.5, 15.6.6, and 15.5.9 of GitLab Community Edition (CE) and Enterprise Edition (EE) to address critical vulnerabilities. The vulnerabilities, a parsing integer overflow issue and a heap overflow issue, can be exploited to achieve remote code execution.

Note

  • GitLab addresses some vulnerabilities that were found in the open source tool “git” as part of a recent code audit. Aside from GitLab, you should watch out for updates to git from various vendors. Many developers will also install various versions of “git” independently. Unix-based operating systems like macOS often include git, but may have other versions installed as well by development tools.
  • My experience is folks running their GitLab services are all over keeping them updated, but it doesn’t hurt to verify. Also make sure that your scanning software is checking for versions of GitLab/Atlassian and similar tools. If you don’t have visibility to their security bulletins, sign up on the announcement page.
