date: '2020-07-21'
sections:
  security_fixes:
    - 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/21438, https://github.com/github/enterprise2/pull/21402, https://github.com/github/enterprise2/pull/21496, https://github.com/github/enterprise2/pull/21479 {% endcomment %}'
  bugs:
    - 'The Management Console monitor graphs would sometimes not display correctly on larger screens. {% comment %} https://github.com/github/enterprise2/pull/21398, https://github.com/github/enterprise2/pull/21381 {% endcomment %}'
    - 'GitHub App Manifest creation flow was unusable in some scenarios when a SameSite Cookie policy was applied. {% comment %} https://github.com/github/github/pull/147829, https://github.com/github/github/pull/144121 {% endcomment %}'
    - "In some circumstances, accessing the 'Explore' page would throw an application error. {% comment %} https://github.com/github/github/pull/149605, https://github.com/github/github/pull/148949 {% endcomment %}"
  known_issues:
    - 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
    - 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
    - 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
    - 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
    - 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
    - 'Security alerts are not reported when pushing to a repository on the command line. {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
    - 'Audit logs may be attributed to 127.0.0.1 instead of the actual source IP address. (updated 2020-11-02) {% comment %} https://github.com/github/enterprise2/issues/21514 {% endcomment %}'