53 matches found
Malicious code in lib-feature-flags-js (npm)
Source: ghsa-malware e24cd9baab2f8a1b9e12ede025f1bf40f5cea61abaeb14c138b5aab1b0df3374 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Product Releases Should Not Be Scary
Every Product Manager and Software Developer should know that pushing feature updates to production via traditional channels is as archaic as painting on cave walls. The smart are always quick to adapt to new, innovative technologies, and this mindset is exactly what makes normal companies great...
[SECURITY] Fedora 34 Update: rust-crosstermion-0.7.0-2.fc34
Unification of crossterm and termion behind a common facade for use with feature flags...
GitLab: Stored XSS in custom emoji
Summary: I found Stored XSS with a feature of custom emoji. This feature hasn't been rolled out yet and needs feature flags to be set in a self-managed installation. https://gitlab.com/gitlab-org/gitlab/-/issues/231317 The problem is the code here...
Gitlab CE/EE Security Vulnerabilities
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in Gitlab CE/EE versions...
SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1377-2) (Spectre)
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bug was fixed : CVE-2018-3639: Information leaks using 'Memory Disambiguation' feature in modern CPUs were mitigated, aka 'Spectre Variant 4' bnc1087082. A new boot commandlin...
SUSE SLES12 Security Update : qemu (SUSE-SU-2018:1363-1) (Spectre)
This update for qemu fixes several issues. This security issue was fixed : - CVE-2018-3639: Spectre v4 vulnerability mitigation support for KVM guests bsc1092885. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all pri...
SUSE-SU-2018:1308-1 Security update for kvm
This update for kvm fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl featur...
SUSE-SU-2018:1077-1 Security update for kvm
This update for kvm fixes the following issues: - This update has the next round of Spectre v2 related patches, which now integrates with corresponding changes in libvirt. A January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by exposing the spec-ctrl...
SUSE-SU-2018:0831-1 Security update for qemu
This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...
SUSE-SU-2018:0762-1 Security update for qemu
This update for qemu fixes the following issues: This update has the next round of Spectre v2 related patches, which now integrate with corresponding changes in libvirt. CVE-2017-5715 bsc1068032 The January 2018 release of qemu initially addressed the Spectre v2 vulnerability for KVM guests by...
Allowing communication from XenMobile apps to the Launch Darkly Service for feature flags
What are Feature Flags? Feature flags are a quality control measure for Citrix to be able to dynamically roll back to the previous working version of the app before a new feature was introduced. Since a bug fix on the public app stores is subject to delays due to app store submission and approval...
Etsy Feature Flags Keep Marketplace Online and Secure
BOSTON – Etsy is one of the Web’s biggest marketplaces. Its developers may be one of the Web’s busiest teams. Proudly, the vintage and homemade goods online store will push code to production upwards of 50 times a day. And, according to Kenneth Lee, senior product security engineer, they do so with...