💾 Archived View for capsule.usebox.net › gemlog › 20220114-stay-up-to-date.gmi captured on 2022-06-03 at 22:45:03. Gemini links have been rewritten to link to archived content

-=-=-=-=-=-=-

Stay up to date!

Posted Fri 14 Jan, 2022.

I have released version 1.3.3 of SpaceBeans updating its dependencies, and that fixes a vulnerability in logback-classic (CVE-2021-42550, medium severity).

In this case, I wouldn't say updating is essential -is not as bad as the stream of security issues log4j had recently-.

How do I track updates?

There are at least two ways of tracking updates in GitLab:

Hit "the bell" in the project page and on "Custom" you can choose being notified about releases (pros: you get an email, cons: you need GitLab account).

SpaceBeans on GitLab

Subscribe to releases via Atom (pros: no need of GitLab account, cons: it is not really releases but tags, needs a feed reader, no Gemini for now).

Atom tracking tags

In this case, I wouldn't urge anyone to upgrade, but there could be other security issues, or new functionality in the future. Besides, staying up to date is always a good idea!

Back to the index

Back home