~sircmpwn/sr.ht-admins

Security intervention required for git.sr.ht operators

Details
Message ID
<C92PCBH0LZZX.2QOAZ5ZK9K83X@taiga>
DKIM signature
missing
Download raw message
A flaw in the git.sr.ht GraphQL API was discovered by Armin Weigl which
allows any authorized user to enumerate and extract information from any
other user's private and unlisted repositories.

To fix this issue, please upgrade git.sr.ht to version 0.72.7 or newer
and restart the git.sr.ht-api service.
Reply to thread Export thread (mbox)