le_throoshCVE: Possible Organization/Secret Compromise from dangerous CI implementation
renegadesporkEveryone might want to freeze your Jellyfin versions until this gets sorted. As far as we know, nothing has been hijacked, but safer sit on your local copies for now.
Hasn’t it already been patched? https://github.com/jellyfin/jellyfin-ios/security/advisories/GHSA-7qhm-2m45-7fmh
Patches
CI workflows have been modified in all affected repositories, and secrets have been rotated.