GitLab 7.4.3 (Community Edition and Enterprise Edition) were both recently released as a security release update to fix a groups API vulnerability. Snippet raw view and buildbox integration are fixed with this release as well. This vulnerability affected the groups API vulnerability in GitLab 6.0 and up. Impact The vulnerability patched by this release allows a guest user to delete the owner of a group and to assign any other member as owner through the groups API.
Canonical had just reported that a number of vulnerabilities found in Ubuntu 14.04 LTS Linux Kernel had been fixed. According to Matthew Daley’s report, the following vulnerabilities where identified and fixed: An information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory A flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel.