Gli sviluppatori di GitLab hanno rilasciato aggiornamenti per Community Edition (CE) ed Enterprise Edition (EE) che risolvono nove vulnerabilità. Tra i problemi risolti ci sono due bug critici di bypass dell’autenticazione nella libreria ruby-saml.

Tutti i problemi sono stati risolti nelle versioni 1.12.4 e 1.18.0 di ruby-saml e in GitLab CE/EE 17.7.7, 17.8.5 e 17.9.2; tutte le versioni precedenti sono considerate vulnerabili.

GitLab.com ha già ricevuto le patch e i clienti GitLab Dedicated riceveranno automaticamente gli aggiornamenti. Si consiglia agli utenti che supportano installazioni autogestite sulla propria infrastruttura di applicare manualmente gli aggiornamenti il ​​prima possibile.

Le vulnerabilità critiche sono state identificate come CVE-2025-25291 e CVE-2025-25292. Entrambi i bug sono stati riscontrati nella libreria ruby-saml, utilizzata per l’autenticazione SAML Single Sign-On (SSO) a livello di istanza o di gruppo.

Entrambe le carenze sono dovute al fatto che REXML e Nokogiri utilizzano metodi diversi per l’analisi XML, con il risultato che entrambi i parser generano strutture di documenti completamente diverse a partire dallo stesso input XML. Questa differenza consente a un aggressore di eseguire un attacco Signature Wrapping, che comporta l’aggiramento dell’autenticazione.

In sostanza, le vulnerabilità consentono a un aggressore autenticato di impersonare un altro utente in un ambiente Identity Provider (IdP). E se un aggressore ottiene l’accesso non autorizzato all’account di un altro utente, potrebbe verificarsi una fuga di dati, un’escalation dei privilegi e altri rischi.

Entrambi i bug sono stati scoperti dagli esperti di GitHub, che hanno già pubblicato la propria analisi tecnica. Si noti che GitHub non è stato interessato da queste vulnerabilità, poiché l’uso della libreria ruby-saml è stato interrotto nel 2014.

Vale anche la pena notare che questa settimana gli sviluppatori di GitLab hanno corretto un’altra pericolosa vulnerabilità legata all’esecuzione remota di codice arbitrario: CVE-2025-27407. Questo bug consente a un aggressore che controlla un utente autenticato di utilizzare la funzionalità di trasferimento diretto, disabilitata per impostazione predefinita, per eseguire codice in remoto.

L'articolo 9 Patch delle quali 2 urgenti per GitLab! Due bug critici mettono a rischio milioni di utenti proviene da il blog della sicurezza informatica.

È uscito il nuovo numero di Domenike Famelike!
pdfhost.io/v/VRKseXPWu2_Basili…
Tra arte, cultura e storie da vivere, questo numero ti porterà in un viaggio dove ogni pagina è un’ispirazione.

👉 Segui i nostri social per anteprime e contenuti extra!
#DomenikeFamelike #CulturaCheRespira

Leggi, condividi, sogna. 🌟

Ever wanted to produce nitrogen fertilizer like they did in the 1900s? In that case, you’re probably looking at the Birkeland-Eyde process, which was the first industrial-scale atmospheric nitrogen fixation process. It was eventually replaced by the Haber-Bosch and Ostwald processes. [Markus Bindhammer] covers the construction of a hobbyist-sized, fully automated reactor in this video.

It uses tungsten electrodes to produce the requisite arc, with a copper rod brazed onto both. The frame is made of aluminium profiles mounted on a polypropylene board, supporting the reaction vessel. Powering the whole contraption is a 24 VDC, 20 A power supply, which powers the flyback transformer for the high-voltage arc, as well as an air pump and smaller electronics, including the Arduino Uno board controlling the system.

The air is dried by silica gel before entering the reactor, with the airflow measured by a mass air flow sensor and the reaction temperature by a temperature sensor. This should give the MCU a full picture of the state of the reaction, with the airflow having to be sufficiently high relative to the arc to extract the maximum yield for this already very low-yield (single-digit %) process.

Usually, we are more interested in getting our nitrogen in liquid form. We’ve also looked at the Haber-Bosch method in the past.

youtube.com/embed/L9KpFKQ7brY?…

hackaday.com/2025/03/15/buildi…

RP2040-based Pico board acting as U2F dongle with Firefox. (Credit: ArcaneNibble, GitHub)
The WebUSB standard is certainly controversial. Many consider it a security risk, and, to date, only Chromium-based browsers support it. But there is a workaround that is, ironically, supposed to increase security. The adjacent Universal 2nd Factor (U2F) standard also adds (limited) USB support to browsers. Sure, this is meant solely to support U2F USB dongles for two-factor authentication purposes, but as [ArcaneNibble] demonstrates using U2F-compatible firmware on a Raspberry Pi RP2040, by hijacking the U2F payload, this API can be used to provide WebUSB-like functionality.

The provided demo involves flashing an RP2040 (e.g., Pico board) with the u2f-hax.u2f firmware and loading the index.html page from localhost or a similar secure context. After this, the buttons on the browser page can be used to toggle an LED on the Pico board on or off. You can also read an input back from the RP2040.

This feat is made possible by the opaque nature of the U2F key handle, which means that anything can be put in this blob. This makes it a snap to pass data from the U2F dongle to the host. For the inverse, things get a bit trickier. Here the ECDSA signature is manipulated inside the ASN.1 that is returned to the dongle. Since Firefox performs no signature validation (and Chrome only does a range check), this works. The MCU also auto-confirms user presence by having the key handle start with oxfeedface, so the device works without user interaction. However, you do seem to get an annoying popup that immediately goes away.

Of course, this only works if you create a special USB device for this purpose. That means your normal USB devices are still secure. While we know it could be a security risk, you can do some cool things with WebUSB. We’ve seen a few projects that use it.

hackaday.com/2025/03/15/add-we…

We talk about quantum states — that is, something can be at one of several discrete values but not in between. For example, a binary digit can be a 1 or a 0, but not 0.3 or 0.5. Atoms have quantum states, but how do we know that? That’s what the Franck-Hertz experiment demonstrates, and [stoppi] shows you how to replicate that famous experiment yourself.

You might need to translate the web page if your German isn’t up to speed, but there’s also a video you can watch below. The basic idea is simple. A gas-filled tube sees a large voltage across the cathode and grid. A smaller voltage connects to the grid and anode. If you increase the grid voltage, you might expect the anode current to increase linearly. However, that doesn’t happen. Instead, you’ll observe dips in the anode current.

When electrons reach a certain energy they excite the gas in the tube. This robs them of the energy they need to overcome the grid/anode voltage, which explains the dips. As the energy increases, the current will again start to rise until it manages to excite the gas to the next quantum level, at which point another dip will occur.

Why not build a whole lab? Quantum stuff, at a certain level, is weird, but this experiment seems understandable enough.

youtube.com/embed/St-EJRtIsHg?…

hackaday.com/2025/03/15/you-to…