
2024-April

@adonm adonm released this 03 May 07:18
· 580 commits to main since this release
d98eea3

What's Changed

  • SAP Security Advisory April 2024 - 20240416002 by @DininduSWick in #638
  • [StepSecurity] ci: Harden GitHub Actions by @step-security-bot in #639
  • Bump actions/checkout from 3.6.0 to 4.1.2 by @dependabot in #640
  • Bump actions/configure-pages from 2.1.3 to 5.0.0 by @dependabot in #641
  • Bump actions/deploy-pages from 1.2.9 to 4.0.5 by @dependabot in #642
  • Bump github/codeql-action from 2.25.0 to 3.25.0 by @dependabot in #643
  • 20240417002 by @DGOV-Bryce in #646
  • Bump actions/dependency-review-action from 2.5.1 to 4.2.5 by @dependabot in #644
  • Mozilla vulns by @thiagoai1 in #645
  • Google Chrome Multiple RCE Vulnerabilities - 20240418002 by @LSerki in #650
  • TP-Link Archer Routers Advisory by @CharlesRN in #651
  • Ivanti Avalanche Multiple RCE Vulnerabilities - 20240418004 by @DininduSWick in #652
  • Advisory - Cisco Patches Vulnerabilities in Integrated Management Controller - 20240419001 by @mahmadhabib076 in #655
  • 20240419003 by @DGOV-Bryce in #657
  • Libreswan Popular VPN Software Vulnerability - 20240419004 by @LSerki in #656
  • 20240419002-Oracle-Critical-Patch-Update-for-April-2024 by @TWangmo in #658
  • HashiCorp security advisory by @CharlesRN in #661
  • Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability - 20240422002 by @LSerki in #660
  • Bump pymdown-extensions from 10.7.1 to 10.8 by @dependabot in #663
  • Bump actions/upload-artifact from 3.pre.node20 to 4.3.3 by @dependabot in #662
  • Bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #659
  • Bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in #649
  • VirtualBox priv esc by @ryan-aus in #666
  • Correct heading typo for VirtualBox advisory by @ryan-aus in #669
  • Bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #672
  • 20240424003-Microsoft-pulls-fix-for-outlook by @carel-v98 in #671
  • Windows DOS-to-NT Path Conversion Process Exploited - 20240424002 - Advisory by @mahmadhabib076 in #670
  • Windows Print Spooler Elevation of Privilege Vulnerability - 20240423002 by @DininduSWick in #667
  • Bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in #668
  • Exchange vulnerabilities by @thiagoai1 in #673
  • ArcaneDoor Exploiting Cisco ASA Vulnerabilities - 20240425001 by @petarpetrovski in #676
  • Progress Software Telerik Reporting Vulnerability by @CharlesRN in #675
  • 20240426002 by @TerinaK in #674
  • Updated sentinel guidance by @adonm in #665
  • Revert "ArcaneDoor Exploiting Cisco ASA Vulnerabilities - 20240425001" by @adonm in #677
  • Fixed id - arcanedoor by @adonm in #678
  • WordPress Automatic plugin critical vulnerability by @CharlesRN in #680
  • Windows Kernel Elevation of Privilege Vulnerability - 20240429001 by @LSerki in #681
  • Secret Server auth bypass advisory by @ryan-aus in #682
  • Advisory - Network Attached Storage (NAS) Vulnerability - 20240430002 by @mahmadhabib076 in #686
  • Bump pymdown-extensions from 10.8 to 10.8.1 by @dependabot in #684
  • R Programming Language Vulnerability by @CharlesRN in #687
  • CrushFTP systems vulnerability - 20240430001 by @DininduSWick in #688
  • Updated to April 2024 by @DamoOne in #693
  • smartscreen by @thiagoai1 in #694
  • 20240501003 by @TerinaK in #692
  • 20240501002-Zscaler-Client-Connector-Vulnerability by @carel-v98 in #691
  • Microsoft SmartScreen updated with newly identified Exploits by @CharlesRN in #696
  • HPE Aruba Network Products Critical Remote Code Execution (RCE) Vulnerabilities - 20240502001 by @petarpetrovski in #697
  • Create 20240503001-Apache-ActiveMQ-Vulnerability.md by @jasonkasih in #698
  • Bump actions/dependency-review-action from 4.2.5 to 4.3.2 by @dependabot in #695
  • Bump step-security/harden-runner from 2.7.0 to 2.7.1 by @dependabot in #690
  • Bump mdformat-mkdocs[recommended] from 2.0.9 to 2.0.10 by @dependabot in #683
  • Bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in #679
  • Bump mkdocs-material from 9.5.18 to 9.5.20 by @dependabot in #685
  • Bump mkdocs from 1.5.3 to 1.6.0 by @dependabot in #664
  • Acrobat Reader Vulnerability - 20240503003 by @LSerki in #699
  • 20240503002 & 20240503004 by @DGOV-Bryce in #700

Full Changelog: 2024-March...2024-April