Search results for: Security

Learn about the top five reasons why leading enterprise organizations are investing in open source.

GitHub Actions Breaking Change: Python 2 being removed from all virtual environments

We’re excited to share GitHub’s 2019 Transparency Report, a by-the-numbers look at how we handle requests for user data and moderate content on GitHub.

In this deep dive, we cover how our daily schema migrations amounted to a significant toil on the database infrastructure team, and how we searched for a solution to automate the manual parts of the process.

The 2.20.0 release of GitHub Enterprise Server is now available for download. The latest release includes additional security features, a new internal visibility option, and more. See the full release…

Additional security features, a new internal visibility option, and more with the latest updates to GitHub Enterprise Server 2.20.

GitHub Enterprise Cloud customers that use enterprise SAML SSO can enable team synchronization services for their member organizations. Thank you to everyone who participated in the open beta program for…

The GitHub Student Developer Pack now delivers over $200k worth of tools and training to every student with the addition of 22 new partners.

This is the fourth and final post in a series about Ubuntu’s crash reporting system. We’ll review CVE-2019-11484, a vulnerability in whoopsie which enables a local attacker to get a shell as the whoopsie user, thereby gaining the ability to read any crash report.

GitHub Enterprise Cloud customers that use enterprise SAML SSO can now enable team synchronization services for their organizations. Learn more about the enterprise SAML team synchronization public beta  

GitHub’s listing was announced at AWS re:Invent this year in the Global Partner Summit keynote. Now you can get GitHub Enterprise through the AWS Marketplace, making it easier to purchase for compliance or budget reasons.

This post summarizes several security vulnerabilities in Ubuntu’s crash reporting system: CVE-2019-7307, CVE-2019-11476, CVE-2019-11481, CVE-2019-11484, CVE-2019-15790. When chained together, they allow an unprivileged user to read arbitrary files on the system.

IP allow lists gives you the ability to limit access to enterprise assets to an allowed set of source IPs, and it’s now available in public beta for GitHub Enterprise Cloud customers.

IP allow lists are available in public beta for GitHub Enterprise Cloud customers – allowing enterprise and organization owners to limit access to enterprise assets to an allowed set of…

Learn more about the security vulnerabilities in Git 2.24 and older.

Learn more about updates we’ve made to our Terms of Service and Privacy Statement.

Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub Token Scanning looks for leaked tokens in public repositories and works with the…

The GitHub Advisory Database is a new experience that allows you to browse or search for the vulnerabilities that GitHub knows about. The database contains all curated CVEs and security…

As we celebrate Actions becoming generally available, check out some of the ways teams are contributing to Actions—and how you can start automating more of your workflow.

It’s our favorite time of year: GitHub Universe. And we’ve made some exciting announcements. GitHub Actions and Packages are now out of beta, we launched GitHub for mobile, redesigned the notifications experience, and introduced lots of other features we think you’ll love.

See what’s new for community and project management, developer productivity, and security in GitHub Enterprise Server 2.19.