GitHub Enterprise 11.10.293
January 09, 2013
- Fixed an issue where SSL aNULL ciphers were still being allowed in some cases.
- Fixed a potential XSS security vulnerability where search results were being evaluated in-line for repository source code searches.
- Disabled asciidoc rendering due to a potential security vulnerability.
- Disabled XML response parsing to handle a potential Rails YAML unmarshaling exploit.
- Fixed an ActiveRecord dynamic finder vulnerability.
- Hardened sshd_config permissions.