@iwalker: It is called customer service. Do you want to let your customers in fear and uncertainty? No. For big security problems that have a very huge impact like heartbleed or log4j, it is a service to the customers to tell them that the product is safe, because it doesn’t use log4j. It even helps the company, because customers don’t start to speculate if the product is vulnerable or not.
Related topics
| Topic | Replies | Views | Activity | |
|---|---|---|---|---|
| Gitlab : Emergency Patch Deployment for Apache Log4j | 3 | 2862 | December 17, 2021 | |
| Apache Log4j Remote Code Execution (RCE) Vulnerability in Gitlab CE | 1 | 942 | December 22, 2021 | |
| Git vulnerability? | 1 | 383 | September 15, 2021 | |
| Are the vulnerabilities detailed at https://about.gitlab.com/releases/2022/06/30/critical-security-release-gitlab-15-1-1-released/ present in Gitlab Omni 13.12.12 please? | 7 | 497 | July 13, 2022 | |
| GitLab read and write logs | 0 | 454 | July 6, 2017 |