Skip to content

Posts by

Jacob DePriest


VP, Deputy CSO

Rotating credentials for and new GHES patches

GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.