Search results for: Search

Check out Lee Reilly’s top ten tips and tricks to help you hack your GitHub experience. You won’t believe tip number eight!

Learn more about open source’s impact in the social sector from the Open Source for Good research paper.

There are lots of hidden secrets, keyboard shortcuts, hacks, and more that can make you and your team’s GitHub experience more productive, personal, and entertaining. Here are some Protips that Vitor Monteiro, GitHub Strategic Architect, has picked up along the way that might be useful to you.

Learn more about the Bug Bounty program, including a recap of 2019’s bugs, our expanded scope, new features, and more.

GitHub Desktop 2.4 gets you set up to work behind a proxy without having to configure anything manually, allows you to easily create an issue, and brings dark theme out of beta.

With easier organization and increased scalability, repository admins can more efficiently control access management to get users the permissions they need.

Explore some impactful open source projects being created by teams around the world in response to COVID-19.

Take a look at some of the new features in the latest Git release.

#NewYearNewPack winner Frank Matranga shares how the Pack helped him bring his open-source student planner to life.

Learn more about how we found ways to scale our vulnerability hunting efforts and empower others to do the same. In this post, we’ll take a deep-dive in the remediation of a security vulnerability with CERT.

GitHub Education introduces two new features to help you shape the next generation of software developers, with the GitHub Teacher Toolbox and more automation for GitHub Classroom.

Learn about the top five reasons why leading enterprise organizations are investing in open source.

We’re excited to share GitHub’s 2019 Transparency Report, a by-the-numbers look at how we handle requests for user data and moderate content on GitHub.

In this deep dive, we cover how our daily schema migrations amounted to a significant toil on the database infrastructure team, and how we searched for a solution to automate the manual parts of the process.

Share your love for open source and learn how to get involved for a chance to win a GitHub hoodie.

This is the fourth and final post in a series about Ubuntu’s crash reporting system. We’ll review CVE-2019-11484, a vulnerability in whoopsie which enables a local attacker to get a shell as the whoopsie user, thereby gaining the ability to read any crash report.

This is the third post in a series about Ubuntu’s crash reporting system. We’ll review CVE-2019-15790, a vulnerability in apport that enables a local attacker to obtain the ASLR offsets for any process they can start (or restart).

This is the second post in our series about Ubuntu’s crash reporting system. We’ll review CVE-2019-7307, a TOCTOU vulnerability that enables a local attacker to include the contents of any file on the system in a crash report.

This post summarizes several security vulnerabilities in Ubuntu’s crash reporting system: CVE-2019-7307, CVE-2019-11476, CVE-2019-11481, CVE-2019-11484, CVE-2019-15790. When chained together, they allow an unprivileged user to read arbitrary files on the system.

IP allow lists gives you the ability to limit access to enterprise assets to an allowed set of source IPs, and it’s now available in public beta for GitHub Enterprise Cloud customers.

Learn more about what’s behind the scenes with GitHub vulnerability alerts.