@stephancom reported the disclosure of unauthorized information within organization timelines. For a very brief period of time, members of an organization could view the metadata of events for unauthorized repositories within the organization. This vulnerability was mitigated by fixing a bug introduced into the authorization logic of the organization feed. All unauthorized events were scrubbed from the affected timelines. Additionally, more robust testing was added to prevent similar vulnerabilities in the future.