2 May
2024
2 May
'24
5:33 p.m.
Scott Allen wrote on 2024-05-02 15:39:
Make sure you're patched if you run GitLab!
What is meant by "patched"? I use FIDO security key based 2FA for my GitLab account login. Is there something else I need to do?
If you administer a GitLab instance, it looks like you ought to apply a patch from January. If you merely have an account, MFA / 2FA will prevent someone from taking over your account, but you may be susceptible to someone else generating password resets on your behalf. Which would amount to merely an inconvenience. rb