Hello community members - Fleet engineers validate...
# fleet
z
Hello community members - Fleet engineers validated and reproduced a vulnerability report submitted through our responsible disclosure program. We have not seen any reports of active exploits of this vulnerability, but you can mitigate risk by temporarily disabling SSO (make sure to set one user to 'email/password' auth before disabling) until the release is published. We've been attempting to publish a security advisory but were facing a GitHub bug that prevented PR's being merged to security advisories as a result of an outage they had on Monday. We will have something out today. We expect 4.64.2 and a few additional patched versions to be released today (in final QA)! We will provide all available information in the advisory today, and an incident postmortem will be conducted later this week, with the resulting document available upon request to customers and the community. Stand by for the release update