Search results for: Security

The 2.20.0 release of GitHub Enterprise Server is now available for download. The latest release includes additional security features, a new internal visibility option, and more. See the full release…

Additional security features, a new internal visibility option, and more with the latest updates to GitHub Enterprise Server 2.20.

GitHub Enterprise Cloud customers that use enterprise SAML SSO can enable team synchronization services for their member organizations. Thank you to everyone who participated in the open beta program for…

The GitHub Student Developer Pack now delivers over $200k worth of tools and training to every student with the addition of 22 new partners.

This is the fourth and final post in a series about Ubuntu’s crash reporting system. We’ll review CVE-2019-11484, a vulnerability in whoopsie which enables a local attacker to get a shell as the whoopsie user, thereby gaining the ability to read any crash report.

GitHub Enterprise Cloud customers that use enterprise SAML SSO can now enable team synchronization services for their organizations. Learn more about the enterprise SAML team synchronization public beta  

GitHub’s listing was announced at AWS re:Invent this year in the Global Partner Summit keynote. Now you can get GitHub Enterprise through the AWS Marketplace, making it easier to purchase for compliance or budget reasons.

This post summarizes several security vulnerabilities in Ubuntu’s crash reporting system: CVE-2019-7307, CVE-2019-11476, CVE-2019-11481, CVE-2019-11484, CVE-2019-15790. When chained together, they allow an unprivileged user to read arbitrary files on the system.

IP allow lists gives you the ability to limit access to enterprise assets to an allowed set of source IPs, and it’s now available in public beta for GitHub Enterprise Cloud customers.

IP allow lists are available in public beta for GitHub Enterprise Cloud customers – allowing enterprise and organization owners to limit access to enterprise assets to an allowed set of…

Learn more about the security vulnerabilities in Git 2.24 and older.

Learn more about updates we’ve made to our Terms of Service and Privacy Statement.

Token leaks are one of the most common security mistakes, and they can have disastrous consequences. GitHub Token Scanning looks for leaked tokens in public repositories and works with the…

The GitHub Advisory Database is a new experience that allows you to browse or search for the vulnerabilities that GitHub knows about. The database contains all curated CVEs and security…

As we celebrate Actions becoming generally available, check out some of the ways teams are contributing to Actions—and how you can start automating more of your workflow.

It’s our favorite time of year: GitHub Universe. And we’ve made some exciting announcements. GitHub Actions and Packages are now out of beta, we launched GitHub for mobile, redesigned the notifications experience, and introduced lots of other features we think you’ll love.

See what’s new for community and project management, developer productivity, and security in GitHub Enterprise Server 2.19.

The 2.19.0 release of GitHub Enterprise Server is now available for download. The latest release includes the triage and maintain roles, WebAuthn security keys, NuGet support for the dependency graph,…

California’s new privacy law comes into effect this January. Learn how you can prepare (tl;dr—don’t sell personal information) and contribute to the rules.

To celebrate 365 days of achievements, let’s look back at the code and communities built on GitHub this year.

You’re now required to obtain an OAuth token via the web application flow for SAML access to organizations requiring SSO. In most cases, this change also prohibits access via tokens…