Heads up about security issues and a release next week

[Aravind SV]

Hello everyone,

There will be a release of GoCD next week, on Tuesday Oct 26 (tentatively around mid-day UTC). This release will have important security fixes. There will be a strong recommendation for all users of GoCD to upgrade to 21.3.0 to be protected.

Especially if you're in a hostile user environment or have a GoCD server exposed to the internet, please do upgrade as soon as possible.

The group who disclosed these issues responsibly will likely have a writeup about the findings soon.

Regards,

Aravind