Security intervention required for git.sr.ht operators

Message ID
DKIM signature
Download raw message
A flaw in the git.sr.ht GraphQL API was discovered by Armin Weigl which
allows any authorized user to enumerate and extract information from any
other user's private and unlisted repositories.

To fix this issue, please upgrade git.sr.ht to version 0.72.7 or newer
and restart the git.sr.ht-api service.
Reply to thread Export thread (mbox)