le_throosh@lemmy.dbzer0.com to

Jellyfin: The Free Software Media System@lemmy.mlEnglish · 1 month ago

CVE: Possible Organization/Secret Compromise from dangerous CI implementation

www.cvedetails.com

6

29

CVE: Possible Organization/Secret Compromise from dangerous CI implementation

www.cvedetails.com

le_throosh@lemmy.dbzer0.com to

Jellyfin: The Free Software Media System@lemmy.mlEnglish · 1 month ago

6

Just a moment...

www.cvedetails.com

Strange that there was no comms whatsover from the team about this

Chat

Link@rentadrunk.org
link
fedilink
English
arrow-up
8·
1 month ago
Hasn’t it already been patched? https://github.com/jellyfin/jellyfin-ios/security/advisories/GHSA-7qhm-2m45-7fmh

Patches

CI workflows have been modified in all affected repositories, and secrets have been rotated.

Furthermore, OPs post seems to link to the patch: https://github.com/jellyfin/jellyfin-ios/commit/109217e75f38394b2f6e46e25dfe5a721203d3c8

Jellyfin: The Free Software Media System@lemmy.ml

jellyfin@lemmy.ml

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !jellyfin@lemmy.ml

Current stable release: 10.11.8

Community Standards

Feature Requests

Matrix (General Information & Help)

Matrix (Announcements)

Matrix (General Development)

Matrix (Off-Topic) - Come get to know the team and blow off steam!

Matrix Space - List of all the available rooms on Matrix.

Discord - Bridged to our Matrix rooms

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

2 users / day
4 users / week
313 users / month
1.18K users / 6 months
1 local subscriber
8.91K subscribers
447 Posts
3.7K Comments
Modlog