--- title: "GitLab 7.4.3 Security Release" date: 2014-10-30 categories: releases author: Valery Sizov --- Today we released GitLab Community Edition 7.4.3 and GitLab Enterprise Edition 7.4.3. This is a security release which fixes a groups API vulnerability. Snippet raw view and buildbox integration are fixed with this release as well. _Update 2014-11-03 10:02 CEST:_ The groups API vulnerability has been assigned the CVE identifier CVE-2014-8540. ## Affected versions The groups API vulnerability affects GitLab 6.0 and up. ## Impact The vulnerability patched by this release allows a guest user to delete the owner of a group and to assign any other member as owner through the groups API. ## Upgrading Omnibus-gitlab packages for GitLab 7.4.3 are [now available](/install/). To upgrade an installation from source please use the [upgrader](http://doc.gitlab.com/ce/update/upgrader.html) or the [patch update guide](http://doc.gitlab.com/ce/update/patch_versions.html).