-- Leo's gemini proxy
-- Connecting to capsule.usebox.net:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; charset=utf-8; lang=en
Posted Fri 14 Jan, 2022.
I have released version 1.3.3 of SpaceBeans updating its dependencies, and that fixes a vulnerability in logback-classic (CVE-2021-42550, medium severity).
In this case, I wouldn't say updating is essential -is not as bad as the stream of security issues log4j had recently-.
There are at least two ways of tracking updates in GitLab:
Hit "the bell" in the project page and on "Custom" you can choose being notified about releases (pros: you get an email, cons: you need GitLab account).
Subscribe to releases via Atom (pros: no need of GitLab account, cons: it is not really releases but tags, needs a feed reader, no Gemini for now).
In this case, I wouldn't urge anyone to upgrade, but there could be other security issues, or new functionality in the future. Besides, staying up to date is always a good idea!
-- Response ended
-- Page fetched on Wed May 8 07:58:04 2024