date: '2021-04-14'
sections:
  security_fixes:
    - Packages have been updated to the latest security versions.
  bugs:
    - 'A warning message `jq: error (at <stdin>:0): Cannot index number with string "settings"` could occur during replica promotion.'
    - Visiting the `/settings/emails` page would store state that could cause improper redirects when logging out and logging back in.
    - Dependency graph alerts weren't shown for some components whose advisories have upper case package names in `vulnerable_version_ranges`.
    - User saw 500 error when executing git operations on an instance configured with LDAP authentication.
    - When ghe-migrator encountered import errors, it would sometimes abort the entire process, and the logs did not include enough context.
  known_issues:
    - On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user.
    - Custom firewall rules are not maintained during an upgrade.
    - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
    - Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
    - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
    - Security alerts are not reported when pushing to a repository on the command line.
    - 'When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users.'