fixing quotes and release date
This commit is contained in:
Chris Queitzsch
@@ -1,14 +1,14 @@
|
||||
date: '2022-01-12'
|
||||
date: '2022-01-18'
|
||||
sections:
|
||||
security_fixes:
|
||||
- Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Packages have been updated to the latest security versions.
|
||||
- 'Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.'
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Packages have been updated to the latest security versions.
|
||||
bugs:
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
known_issues:
|
||||
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
|
||||
- Custom firewall rules are removed during the upgrade process.
|
||||
|
||||
@@ -1,15 +1,15 @@
|
||||
date: '2022-01-12'
|
||||
date: '2022-01-18'
|
||||
sections:
|
||||
security_fixes:
|
||||
- Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Packages have been updated to the latest security versions.
|
||||
- 'Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.'
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Packages have been updated to the latest security versions.
|
||||
bugs:
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
- The repository permissions to the user returned by the `/repos` API would not return the full list.
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
- The repository permissions to the user returned by the `/repos` API would not return the full list.
|
||||
known_issues:
|
||||
- The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
|
||||
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
|
||||
|
||||
@@ -1,17 +1,17 @@
|
||||
date: '2022-01-12'
|
||||
date: '2022-01-18'
|
||||
sections:
|
||||
security_fixes:
|
||||
- Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Packages have been updated to the latest security versions.
|
||||
- 'Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.'
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Packages have been updated to the latest security versions.
|
||||
bugs:
|
||||
- Actions self hosted runners would fail to self-update or run new jobs after upgrading from an older GHES installation.
|
||||
- Storage settings could not be validated when configuring MinIO as blob storage for GitHub Packages.
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
- Several documentation links resulted in a 404 Not Found error.
|
||||
- Actions self hosted runners would fail to self-update or run new jobs after upgrading from an older GHES installation.
|
||||
- Storage settings could not be validated when configuring MinIO as blob storage for GitHub Packages.
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
- Several documentation links resulted in a 404 Not Found error.
|
||||
known_issues:
|
||||
- On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user.
|
||||
- Custom firewall rules are removed during the upgrade process.
|
||||
|
||||
@@ -1,23 +1,23 @@
|
||||
date: '2022-01-12'
|
||||
date: '2022-01-18'
|
||||
sections:
|
||||
security_fixes:
|
||||
- Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Users on teams with the Security Manger role will now be notified about security alerts for repositories they are watching.
|
||||
- The security managers component will show a less-aggressive warning once the maximum number of teams has been reached.
|
||||
- The repository manage access page should return 403 when attempting to remove a security manager team from the repository.
|
||||
- Packages have been updated to the latest security versions.
|
||||
- 'Packages have been updated to the latest security versions. In these updates, Log4j has been updated to version 2.17.1. Note: previous mitigations released in 3.3.1, 3.2.6, 3.1.14, and 3.0.22 are sufficient to address the impact of CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, and CVE-2021-44832 in these versions of GitHub Enterprise Server.'
|
||||
- Sanitize more secrets in the generated support bundles
|
||||
- Users on teams with the Security Manger role will now be notified about security alerts for repositories they are watching.
|
||||
- The security managers component will show a less-aggressive warning once the maximum number of teams has been reached.
|
||||
- The repository manage access page should return 403 when attempting to remove a security manager team from the repository.
|
||||
- Packages have been updated to the latest security versions.
|
||||
bugs:
|
||||
- Actions self hosted runners would fail to self-update or run new jobs after upgrading from an older GHES installation.
|
||||
- Storage settings could not be validated when configuring MinIO as blob storage for GitHub Packages.
|
||||
- GitHub Actions storage settings could not be validated and saved in the Management Console when "Force Path Style" was selected.
|
||||
- Actions would be left in a stopped state after an update with maintenance mode set.
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
- A Billing navigation item was visible in the site admin pages.
|
||||
- Several documentation links resulted in a 404 Not Found error.
|
||||
- Actions self hosted runners would fail to self-update or run new jobs after upgrading from an older GHES installation.
|
||||
- Storage settings could not be validated when configuring MinIO as blob storage for GitHub Packages.
|
||||
- GitHub Actions storage settings could not be validated and saved in the Management Console when "Force Path Style" was selected.
|
||||
- Actions would be left in a stopped state after an update with maintenance mode set.
|
||||
- Running `ghe-config-apply` could sometimes fail because of permission issues in `/data/user/tmp/pages`.
|
||||
- The save button in management console was unreachable by scrolling in lower resolution browsers.
|
||||
- IOPS and Storage Traffic monitoring graphs were not updating after collectd version upgrade.
|
||||
- Some webhook related jobs could generated large amount of logs.
|
||||
- A Billing navigation item was visible in the site admin pages.
|
||||
- Several documentation links resulted in a 404 Not Found error.
|
||||
known_issues:
|
||||
- After upgrading to {% data variables.product.prodname_ghe_server %} 3.3, {% data variables.product.prodname_actions %} may fail to start automatically. To resolve this issue, connect to the appliance via SSH and run the `ghe-actions-start` command.
|
||||
- On a freshly set up {% data variables.product.prodname_ghe_server %} instance without any users, an attacker could create the first admin user.
|
||||
@@ -28,4 +28,3 @@ sections:
|
||||
- The {% data variables.product.prodname_registry %} npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
|
||||
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.
|
||||
- '{% data variables.product.prodname_actions %} storage settings cannot be validated and saved in the {% data variables.enterprise.management_console %} when "Force Path Style" is selected, and must instead be configured with the `ghe-actions-precheck` command line utility.'
|
||||
|
||||
|
||||
Reference in New Issue
Block a user