From 68cd33f79f23cb876d4e6ccda704a61a4572ee80 Mon Sep 17 00:00:00 2001 From: bwestover Date: Mon, 24 May 2021 16:26:01 -0700 Subject: [PATCH 1/2] add late may patch release notes --- data/release-notes/2-21/22.yml | 16 ++++++++++++++++ data/release-notes/2-22/14.yml | 18 ++++++++++++++++++ data/release-notes/3-0/8.yml | 24 ++++++++++++++++++++++++ 3 files changed, 58 insertions(+) create mode 100644 data/release-notes/2-21/22.yml create mode 100644 data/release-notes/2-22/14.yml create mode 100644 data/release-notes/3-0/8.yml diff --git a/data/release-notes/2-21/22.yml b/data/release-notes/2-21/22.yml new file mode 100644 index 0000000000..fe88676bb4 --- /dev/null +++ b/data/release-notes/2-21/22.yml @@ -0,0 +1,16 @@ +date: '2021-05-25' +sections: + security_fixes: + - '**MEDIUM:** Under certain circumstances, users who were removed from a team or organization could retain write access to branches they had existing pull requests opened for.' + - Packages have been updated to the latest security versions. + bugs: + - An IP address added by an admin using the "Create Whitelist Entry" button could still be locked out. + - In a cluster or HA environment, GitHub Pages builds could be triggered on secondary nodes where they would fail. + known_issues: + - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. + - Custom firewall rules are not maintained during an upgrade. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + - Security alerts are not reported when pushing to a repository on the command line. + diff --git a/data/release-notes/2-22/14.yml b/data/release-notes/2-22/14.yml new file mode 100644 index 0000000000..863915eaf1 --- /dev/null +++ b/data/release-notes/2-22/14.yml @@ -0,0 +1,18 @@ +date: '2021-05-25' +sections: + security_fixes: + - '**MEDIUM:** Under certain circumstances, users who were removed from a team or organization could retain write access to branches they had existing pull requests opened for.' + - Packages have been updated to the latest security versions. + bugs: + - Normal replication delays in MSSQL generated warnings. + - An IP address added by an admin using the "Create Whitelist Entry" button could still be locked out. + - '`spokesd` created excessive log entries including the phrase "fixing placement skipped".' + changes: + - Check annotations older than 4 months will be archived. + known_issues: + - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. + - Custom firewall rules are not maintained during an upgrade. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. + diff --git a/data/release-notes/3-0/8.yml b/data/release-notes/3-0/8.yml new file mode 100644 index 0000000000..2093de2b0d --- /dev/null +++ b/data/release-notes/3-0/8.yml @@ -0,0 +1,24 @@ +date: '2021-05-25' +sections: + security_fixes: + - '**MEDIUM:** Under certain circumstances, users who were removed from a team or organization could retain write access to branches they had existing pull requests opened for.' + - Packages have been updated to the latest security versions. + bugs: + - On the "Configure Actions and Packages" page of the initial installation process, when an admin clicked the "Test domain settings" button the test did not complete. + - Running `ghe-btop` failed with error `cannot find a 'babeld' container`. + - Users were experiencing service unavailability after upgrading due to a mismatch of internal and external timeout values. + - Normal replication delays in MSSQL generated warnings. + - Link for GitHub Enterprise Clustering Guide on management console was incorrect. + - An IP address added by an admin using the "Create Whitelist Entry" button could still be locked out. + - References to the "Dependency graph" and "Dependabot alerts" features were shown on repositories where they were not enabled. + - HTTP POST requests to the `/hooks` endpoint could fail with a 401 response due to the `hookID` being set incorrectly. + - The `build-server` process failed to clean up processes leaving them in the `defunct` state. + - '`spokesd` created excessive log entries including the phrase "fixing placement skipped".' + changes: + - Check annotations older than 4 months will be archived. + known_issues: + - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. + - Custom firewall rules are not maintained during an upgrade. + - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. + - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. + - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. From a602c1d9707bf6a77fa43ee2ef93357cdb98ade1 Mon Sep 17 00:00:00 2001 From: bwestover Date: Mon, 24 May 2021 16:45:09 -0700 Subject: [PATCH 2/2] :scissors: some line breaks --- data/release-notes/2-21/22.yml | 1 - data/release-notes/2-22/14.yml | 1 - 2 files changed, 2 deletions(-) diff --git a/data/release-notes/2-21/22.yml b/data/release-notes/2-21/22.yml index fe88676bb4..832a71b0ca 100644 --- a/data/release-notes/2-21/22.yml +++ b/data/release-notes/2-21/22.yml @@ -13,4 +13,3 @@ sections: - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. - Security alerts are not reported when pushing to a repository on the command line. - diff --git a/data/release-notes/2-22/14.yml b/data/release-notes/2-22/14.yml index 863915eaf1..8bb48c321c 100644 --- a/data/release-notes/2-22/14.yml +++ b/data/release-notes/2-22/14.yml @@ -15,4 +15,3 @@ sections: - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. -