date: '2021-08-24' sections: security_fixes: - Packages have been updated to the latest security versions. bugs: - Attaching very large images or animated GIFs to images or pull requests would fail. - Journald messages related to automatic updates (`Adding h/m/s random time.`) were logged to syslog. - 'Custom pre-receive hooks that used a bash subshell would return an error: `No such file or directory`.' - Custom pre-receive hooks that created named pipes (FIFOs) would crash or hang, resulting in a timeout error. - Adding filters to the audit log advanced search page did not populate the query text box in real-time with the correct facet prefix and value. - Git hooks to the internal API that result in failing requests returned the exception `undefined method body for "success":String (NoMethodError)` instead of returning an explicit `nil`. - When an integration was removed, it was possible for an unrelated OAuth application or integration to also be removed. - When a mandatory message containing an emoji character was added, attempting to view or change the message would return a 500 Internal Server Error. known_issues: - On a freshly set up {% data variables.product.prodname_ghe_server %} without any users, an attacker could create the first admin user. - Custom firewall rules are removed during the upgrade process. - Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. - Issues cannot be closed if they contain a permalink to a blob in the same repository, where the blob's file path is longer than 255 characters. - When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. - When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users. - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.