Search results for: Security

Starting today, we will assign CVE IDs to security vulnerabilities affecting GitHub Enterprise Server. We will continue to document security fixes in the release notes as they are today, and…

Learn about five more reasons why every enterprise should make innersource a priority in 2020.

IP allow lists are now generally available for GitHub Enterprise Cloud customers – allowing enterprise and organization owners to limit access to enterprise assets to an allowed set of source…

Learn about the top five reasons why leading enterprise organizations are investing in open source.

Starting April 6, 2020, Python 2 will no longer be offered on any hosted virtual environments. Python 2 was sunset on January 1, 2020 and is not being improved or…

We’re excited to share GitHub’s 2019 Transparency Report, a by-the-numbers look at how we handle requests for user data and moderate content on GitHub.

In this deep dive, we cover how our daily schema migrations amounted to a significant toil on the database infrastructure team, and how we searched for a solution to automate the manual parts of the process.

The 2.20.0 release of GitHub Enterprise Server is now available for download. The latest release includes additional security features, a new internal visibility option, and more. See the full release…

Additional security features, a new internal visibility option, and more with the latest updates to GitHub Enterprise Server 2.20.

GitHub Enterprise Cloud customers that use enterprise SAML SSO can enable team synchronization services for their member organizations. Thank you to everyone who participated in the open beta program for…

The GitHub Student Developer Pack now delivers over $200k worth of tools and training to every student with the addition of 22 new partners.

This is the fourth and final post in a series about Ubuntu’s crash reporting system. We’ll review CVE-2019-11484, a vulnerability in whoopsie which enables a local attacker to get a shell as the whoopsie user, thereby gaining the ability to read any crash report.

GitHub Enterprise Cloud customers that use enterprise SAML SSO can now enable team synchronization services for their organizations. Learn more about the enterprise SAML team synchronization public beta  

GitHub’s listing was announced at AWS re:Invent this year in the Global Partner Summit keynote. Now you can get GitHub Enterprise through the AWS Marketplace, making it easier to purchase for compliance or budget reasons.

This post summarizes several security vulnerabilities in Ubuntu’s crash reporting system: CVE-2019-7307, CVE-2019-11476, CVE-2019-11481, CVE-2019-11484, CVE-2019-15790. When chained together, they allow an unprivileged user to read arbitrary files on the system.

IP allow lists gives you the ability to limit access to enterprise assets to an allowed set of source IPs, and it’s now available in public beta for GitHub Enterprise Cloud customers.

IP allow lists are available in public beta for GitHub Enterprise Cloud customers – allowing enterprise and organization owners to limit access to enterprise assets to an allowed set of…

Learn more about the security vulnerabilities in Git 2.24 and older.

Learn more about updates we’ve made to our Terms of Service and Privacy Statement.

Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub Token Scanning looks for leaked tokens in public repositories and works with the…

The GitHub Advisory Database is a new experience that allows you to browse or search for the vulnerabilities that GitHub knows about. The database contains all curated CVEs and security…