ilias-admins

ilias-admins@lists.ilias.de

1 participants
258 discussions

by Fabian Wolf

Dear all, We have published release 10.3 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v10.3. Please have a look at the release notes at https://docu.ilias.de/go/pg/220460_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/888. It is recommended to update your software to the latest version. Best regards, Fabian Wolf

5 days

ILIAS 9.15 published

by Fabian Wolf

Dear all, We have published release 9.15 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/vx9.15. Please have a look at the release notes at https://docu.ilias.de/go/pg/220459_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/887. It is recommended to update your software to the latest version. Best regards, Fabian Wolf

5 days

ILIAS 8.25 published

by Fabian Wolf

Dear all, We have published release 8.25 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v8.25. Please have a look at the release notes at https://docu.ilias.de/go/pg/220458_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/886. It is recommended to update your software to the latest version. Best regards, Fabian Wolf

5 days, 1 hour

ILIAS 10.2 published

by Fabian Wolf

Dear all, We have published release 10.2 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v10.2. Please have a look at the release notes at https://docu.ilias.de/go/pg/220447_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/882. It is recommended to update your software to the latest version. Best regards, Fabian Wolf

1 month, 2 weeks

ILIAS 9.14 published

by Fabian Wolf

Dear all, We have published release 9.14 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v9.14. Please have a look at the release notes at https://docu.ilias.de/go/pg/220446_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/881. It is recommended to update your software to the latest version. Best regards, Fabian Wolf

1 month, 2 weeks

ILIAS 8.24 published

by Fabian Wolf

Dear all, We have published release 8.24 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v8.24. Please have a look at the release notes at https://docu.ilias.de/go/pg/220445_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/880. It is recommended to update your software to the latest version. Best regards, Fabian Wolf

1 month, 2 weeks

Current Attack on NPM

by Richard Klees

Dear colleagues! --- TL/DR: Please use `npm clean-install` to install npm-dependencies and be careful when updating packages. --- A little longer: Please be aware of the current supply-chain-attack on the npm-ecosystem: * https://socket.dev/blog/npm-author-qix-compromised-in-major-supply-chain-at… * https://socket.dev/blog/ongoing-supply-chain-attack-targets-crowdstrike-npm… * https://www.paloaltonetworks.com/blog/cloud-security/npm-supply-chain-attac… * https://www.heise.de/news/Neuer-NPM-Grossangriff-Selbst-vermehrende-Malware… As far as we understand the situation, the attack is ongoing and additional packages might be affected in the course of future events. On the bright side, we are safe if everyone uses `npm clean-install`, as this will always pull the exact versions that we have pinned in `package-lock.json`. These are (to the best of our knowledge...) not affected. Also, existing versions of npm-Packages won't be replaced with other code (again, to the best of our knowledge). If this is not true and you can indeed identify malicious packages in our npm-dependencies, please don't hesitate to report them to security(a)ilias.de. On the other hand, every operation that might update pinned packages (be it `npm install` or `npm update`) might pull versions of libraries that are indeed affected. Please make sure to understand the risk involved here and consider to postpone any update of npm-dependencies until the attack and its consequences are mitigated. If you indeed need to update npm-dependencies now, please make sure to check the implied changes in the package-lock.json thoroughly against an up-to-date list of affected packages. It currently looks as if we are safe and can weather this situation just fine, which is a direct consequence of our tightened procedures around our dependencies, especially the centralized handling and the Dependency Jour Fixe. Good job everyone! If there are any questions or ideas, feel warmly welcome to reach out to us via tb(a)ilias.de or Discord. Kind regards! Richard Klees for the Technical Board of the ILIAS Society -- Richard Klees Geschäftsführung Fon: +49 (0)221 / 46 75 76 - 56 Fax: +49 (0)221 / 46 75 76 - 09 --------------------------------------------- CaT Concepts and Training GmbH Subbelrather Str. 15 B 50823 Köln Fon: +49 (0) 221 / 46 75 76 - 00 Fax: +49 (0) 221 / 46 75 76 - 09 Web: https://www.concepts-and-training.de https://www.cate-lms.de --------------------------------------------- Geschäftsführung: Claudia Glander, Gerald Konrad, Richard Klees Amtsgericht Köln HRB 57804 Ust-ID-Nr.: DE 814694228 Sitz: Köln --------------------------------------------- Sollten Sie weitere Informationen zu der Verarbeitung Ihrer Daten (Art. 12 ff., DSGVO) wünschen, informieren Sie sich unter: https://concepts-and-training.de/datenschutz-kunden.html

1 month, 2 weeks

ILIAS 10.1 published

by Fabian Wolf

Dear all, We have published release 10.1 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v10.1 . Please have a look at the release notes at https://docu.ilias.de/go/pg/220441_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/877 . It is recommended to update your software to the latest version. Best regards, Fabian Wolf

2 months, 2 weeks

ILIAS 9.13 published

by Fabian Wolf

Dear all, We have published release 9.13 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v9.13 . Please have a look at the release notes at https://docu.ilias.de/go/pg/217959_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/876 . It is recommended to update your software to the latest version. Best regards, Fabian Wolf

2 months, 2 weeks

ILIAS 8.23 published

by Fabian Wolf

Dear all, We have published release 8.23 on GitHub, see https://github.com/ILIAS-eLearning/ILIAS/releases/tag/v8.23 . Please have a look at the release notes at https://docu.ilias.de/go/pg/215476_35 for more information about this release. This release contains security fixes. For more information, please visit the security blog at https://docu.ilias.de/go/blog/15821/875 . It is recommended to update your software to the latest version. Best regards, Fabian Wolf

2 months, 2 weeks

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

ilias-admins