You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jul 13, 2023. It is now read-only.
Github sent us an email earlier today telling us that 5.2.0 is vulnerable to CVE-2017-0889, but we believed that 5.2.0 contained the fix to CVE-2017-0889, as confirmed by the release page, the PR, and the NIST website.
We're going to upgrade to 5.2.1 to be on the safe side, but just wanted to ping y'all over here about this warning - maybe github has incorrect data?
Hi Paperclip folks,
Github sent us an email earlier today telling us that 5.2.0 is vulnerable to
CVE-2017-0889, but we believed that 5.2.0 contained the fix toCVE-2017-0889, as confirmed by the release page, the PR, and the NIST website.We're going to upgrade to 5.2.1 to be on the safe side, but just wanted to ping y'all over here about this warning - maybe github has incorrect data?
@zaksoup and @glassresistor
Code for America