Liraz Siri's picture

TurnKey GitLab was vulnerable to CVE-2016-4340. Privilege escalation via "impersonate" feature. We fixed the app but existing deployments require manual update:

TurnKey Magento IS NOT vulnerable to CVE-2016-4010 remote PHP code execution

v14.1 Maintenance release:

New MediaServer app by Jonathan Struebel:

In non-TurnKey related news: Binary options scam - hundreds of thousands are being defrauded by sophisticated online organized crime rings and there's something we can do about it:

Liraz Siri
TurnKey GNU/Linux
GnuPG KeyID: 0xB06780D9
Fingerprint: 1B4D 4827 A06E 440F 74B8 8334 6DEC 96D3 B067 80D9
Cell: +972 54-201-3512