jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-01 18:05:46 -05:00
Code Issues Projects Releases Wiki Activity
Files
1fc030d21dcc213e5f93b514b3f07a52156840bc
docs/data/release-notes/enterprise-server/3-0/3.yml
Steve Guntrip 1b0ac266ef [2021-11-01] Deprecating Zendesk Portal for Enterprise customers (GA) (#22453) 
* Update support pages, new screenshots

* Udpate vars and release notes

* Fix variable

* update dotcom submit a ticket fields

* Apply suggestions from code review

Co-authored-by: Elijah Buck <buckelij@github.com>

* Update content/admin/enterprise-support/receiving-help-from-github-support/reaching-github-support.md

Co-authored-by: Elijah Buck <buckelij@github.com>

* Fixes and updates from feedback

* include ghec version in link

* Apply suggestions from code review

Co-authored-by: Felicity Chapman <felicitymay@github.com>

* remove from 'submit via management console'

Co-authored-by: Elijah Buck <buckelij@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: jmarlena <6732600+jmarlena@users.noreply.github.com>
2021-11-01 10:49:03 -07:00

43 lines
4.7 KiB
YAML
Raw Blame History

date: '2021-03-23'
intro: Downloads have been disabled due to a major bug affecting multiple customers. A fix will be available in the next patch.
sections:
security_fixes:
- '**HIGH:** A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to override environment variables leading to code execution on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.0.3 and was fixed in 3.0.3, 2.22.9, and 2.21.17. This vulnerability was reported via the GitHub Bug Bounty program and has been assigned CVE-2021-22864.'
- Packages have been updated to the latest security versions.
bugs:
- Running `ghe-cluster-config-init` could cause a cluster to become inoperable.
- Resolving merge conflicts in the GUI would fail when custom pre-receive hooks are configured on the repository.
- '`launch-deployer` and `launch-receiver` were logging at DEBUG level and filling logs with unnecessary information.'
- Systemd could lose track of HAProxy's PID.
- When Actions was configured to use S3 storage, the logs for an action would sometimes fail to load.
- The mysql-failover warning was displayed indefinitely after a successful failover.
- The `ghe-cluster-config-init` run was not fully accounting for the exit code of background jobs leading to improper handling of preflight checks.
- When enabling GitHub Actions, initialization could fail silently.
- When vulnerability alerting is enabled, upgrades to the 3.0 series would fail.
- Jobs related to Codespaces were being enqueued leading to an accumulation of unprocessed jobs.
changes:
- Use a relative number for consul and nomad `bootstrap_expect` allowing for a cluster to bootstrap even if a handful of nodes are down.
- Logs will rotate based on size in addition to time.
- Added kafka-lite to the `ghe-cluster-status` command.
known_issues:
- On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user.
- Custom firewall rules are not maintained during an upgrade.
- Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository.
- Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
- When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results.
- When maintenance mode is enabled, some services continue to be listed as "active processes". The services identified are expected to run during maintenance mode. If you experience this issue and are unsure, contact [GitHub Enterprise Support](https://support.github.com/contact).
- Jupyter Notebook rendering in the web UI may fail if the notebook includes non-ASCII UTF-8 characters.
- reStructuredText (RST) rendering in the web UI may fail and instead display raw RST markup text.
- Old builds of Pages are not cleaned up, which could fill up the user disk (`/data/user/`).
- When deleting a branch after merging a pull request, an error message appears although the branch deletion succeeds.
- |
Log rotation may fail to signal services to transition to new log files, leading to older log files continuing to be used, and eventual root disk space exhaustion.
To remedy and/or prevent this issue, run the following commands in the [administrative shell](https://docs.github.com/en/enterprise-server/admin/configuration/accessing-the-administrative-shell-ssh) (SSH), or contact [GitHub Enterprise Support](https://support.github.com/) for assistance:
```
printf "PATH=/usr/local/sbin:/usr/local/bin:/usr/local/share/enterprise:/usr/sbin:/usr/bin:/sbin:/bin\n29,59 * * * * root /usr/sbin/logrotate /etc/logrotate.conf\n" | sudo sponge /etc/cron.d/logrotate
sudo /usr/sbin/logrotate -f /etc/logrotate.conf
```
- When a replica node is offline in a high availability configuration, {% data variables.product.product_name %} may still route {% data variables.product.prodname_pages %} requests to the offline node, reducing the availability of {% data variables.product.prodname_pages %} for users.
- Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.
Reference in New Issue View Git Blame Copy Permalink