jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-25 18:03:26 -05:00
Code Issues Projects Releases Wiki Activity
Files
0f92b412f4b5ab0783fb6095d476da7894de02b2
docs/data/release-notes/enterprise-server/3-5/18.yml
release-controller[bot] 33b8ec8aa2 GHES Patch Release Notes (#37336) 
Co-authored-by: Release-Controller <runner@fv-az226-794.tgcx2ubhyojezlzda0twcaouih.dx.internal.cloudapp.net>
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
2023-05-30 15:40:23 +00:00

36 lines
3.4 KiB
YAML
Raw Blame History

date: '2023-05-30'
sections:
security_fixes:
- |
**MEDIUM**: Scoped installation tokens for a GitHub App kept approved permissions after the permissions on the integration installation were downgraded or removed. GitHub has requested CVE ID [CVE-2023-23765](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23765) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com).
- Packages have been updated to the latest security versions.
bugs:
- On an instance in a cluster configuration, when upgrading the MySQL master node, the post-upgrade configuration run would take 600 seconds longer than required due to incorrect detection of unhealthy nodes.
- |
If an instance has tens of thousands of deleted repositories, an upgrade from GitHub Enterprise Server 3.6 or 3.7 can take longer than expected. To decrease the risk of a long-running upgrade, before upgrading, someone with administrative SSH access to the instance can run the `ghe-purge-deleted-repositories` script. **Warning**: You cannot restore a purged repository. Use the script with caution. For assistance using the script, contact [GitHub Enterprise Support](/support/contacting-github-support/creating-a-support-ticket).
- If a user clicked the link to share feedback or report bugs for the beta of user lists, the web interface responded with a `404` error.
- GitHub Enterprise Server published distribution metrics that cannot be processed by collectd. The metrics included `pre_receive.lfsintegrity.dist.referenced_oids`, `pre_receive.lfsintegrity.dist.unknown_oids`, and `git.hooks.runtime`.
changes:
- People with administrative SSH access to an instance can configure the maximum memory usage in gigabytes for Redis using `ghe-config redis.max-memory-gb VALUE`.
known_issues:
- |
Custom firewall rules are removed during the upgrade process.
- |
Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- |
The GitHub Packages npm registry no longer returns a time value in metadata responses. This was done to allow for substantial performance improvements. We continue to have all the data necessary to return a time value as part of the metadata response and will resume returning this value in the future once we have solved the existing performance issues.
- |
Actions services need to be restarted after restoring an appliance from a backup taken on a different host.
- |
{% data reusables.release-notes.2022-09-hotpatch-issue %}
- |
{% data reusables.release-notes.babeld-max-threads-performance-issue %}
- |
On an instance in a high-availability configuration, passive replica nodes accept Git client requests and forward the requests to the primary node.
- |
When using an outbound web proxy server, the `ghe-btop` command may fail in some circumstances with the error "Error querying allocation: Unexpected response code: 401".
- |
If an instance is configured to forward logs to a target server with TLS enabled, certificate authority (CA) bundles that a site administrator uploads using `ghe-ssl-ca-certificate-install` are not respected, and connections to the server fail.
- |
When running `ghe-config-apply`, the process may stall with the message `Deployment is running pending automatic promotion`.
Reference in New Issue View Git Blame Copy Permalink