Security
In a collaboration with GitHub Security Lab (big thanks to @artsploit 🤍) we've managed to resolve 3 vulnerabilities noticed in Reposilite:
- GHSL-2024-072
- GHSL-2024-073
- GHSL-2024-074
It is highly recommended to update your instances as soon as possible to mitigate the risks. For the time being, we're not revealing details on each one of them, but every instance running on versions between 3.3.0 to 3.5.11 should be considered as vulnerable.
Other changes
- Fixed invalid SHA checksums generated for files uploaded via the dashboard (thanks @laszlof)
- Bumped dependencies
Sponsors
Thanks to everyone who supported me this month 💜
| Active GitHub Sponsors | milkyway0308, andrm, rdehuyss, joshuasing, insertt, GotoFinal, mcebular, Koressi, tipsy, Kamilkime, that-apex, SirEndii, crejk, Rollczi, Jan Bojarczuk |
Minimal requirements
- Java 11+
- RAM 32MB
Downloads
- JAR: Reposilite 3.5.12 ~ from Reposilite 3.x based repository ʕ•ᴥ•ʔ
- Docker: Docker Hub - Reposilite
$ docker pull dzikoysk/reposilite:3.5.12 - Docker: Docker - GitHub Registry -
$ docker pull ghcr.io/dzikoysk/reposilite:3.5.12 - Helm:
helm.reposilite.com