all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Rotating credentials for GitHub.com and new GHES patches

Add to bookmarks
Jan. 16, 2024, 8:04 p.m. | Jacob DePriest

The GitHub Blog: Security News and Updates github.blog

GitHub received a bug bounty report of a vulnerability that allowed access to the environment variables of a production container. We have patched GitHub.com and rotated all affected credentials. If you have hardcoded or cached a public key owned by GitHub, read on to ensure your systems continue working with the new keys.


The post Rotating credentials for GitHub.com and new GHES patches appeared first on The GitHub Blog.

access bounty bug bug bounty container continue credentials environment github github.com github enterprise server hardcoded key patches production public public key report security systems vulnerability working

Visit resource

More from github.blog / The GitHub Blog: Security News and Updates

Securing millions of developers through 2FA 2 days, 15 hours ago | github.blog
2fa adoption developers ecosystem +9
Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private … 3 weeks, 2 days ago | github.blog
blog blog post code codeql +16
Gaining kernel code execution on an MTE-enabled Pixel 8 1 month, 1 week ago | github.blog
android app arm arm mali +22
Keeping secrets out of public repositories 1 month, 4 weeks ago | github.blog
blog default developers github +10
How to stay safe from repo-jacking 2 months ago | github.blog
attack blog blog post can +10
Build code security skills with the GitHub Secure Code Game 2 months, 1 week ago | github.blog
actions blog build challenges +18
The architecture of SAST tools: An explainer for developers 2 months, 2 weeks ago | github.blog
address age architecture blog +15
AppSec is harder than you think. Here’s how AI can help. 2 months, 2 weeks ago | github.blog
appsec blog can closer +9
Rotating credentials for GitHub.com and new GHES patches 3 months, 1 week ago | github.blog
access bounty bug bug bounty +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior InfoSec Manager - Risk and Compliance

@ Federal Reserve System | Remote - Virginia
View on infosec-jobs.com

Security Analyst

@ Fortra | Mexico
View on infosec-jobs.com

Incident Responder

@ Babcock | Chester, GB, CH1 6ER
View on infosec-jobs.com

Vulnerability, Access & Inclusion Lead

@ Monzo | Cardiff, London or Remote (UK)
View on infosec-jobs.com

Information Security Analyst

@ Unissant | MD, USA
View on infosec-jobs.com
View more jobs