Ryan Daws is a senior editor at TechForge Media with over a decade of experience in crafting compelling narratives and making complex topics accessible. His articles and interviews with industry leaders have earned him recognition as a key influencer by organisations like Onalytica. Under his leadership, publications have been praised by analyst firms such as Forrester for their excellence and performance.
GitHub has released Enterprise Server 3.13.3, addressing several security vulnerabilities, including a critical flaw affecting instances using SAML single sign-on.
Alongside security patches, the update delivers bug fixes, minor feature enhancements, and changes to the platform.
The most pressing issue tackled by this update is a critical vulnerability (CVE-2024-6800) impacting instances employing SAML SSO with specific Identity Providers (IdPs).
CVE-2024-6800, identified through GitHub’s Bug Bounty program, could enable an attacker to manipulate a SAML response, thereby possibly gaining access to user accounts with site administrator rights.
This release also tackles two vulnerabilities of medium severity:
In addition to security enhancements, version 3.13.3 introduces a range of significant updates:
While this update boosts security and stability, GitHub has noted several ongoing issues in the official release notes. These include possible errors during configuration processes, challenges in migrating audit log data, and higher memory usage.
To review the full list of changes, please refer to the official release notes on GitHub’s website.