64 lines
4.8 KiB
YAML
64 lines
4.8 KiB
YAML
date: '2023-10-24'
|
|
sections:
|
|
security_fixes:
|
|
- |
|
|
**LOW:** Due to an incorrect permission assignment for some configuration files, an attacker with access to a local operating system user account could read MySQL connection details including the MySQL password. [Updated: 2023-11-13]
|
|
- |
|
|
Packages have been updated to the latest security versions.
|
|
bugs:
|
|
- |
|
|
When a site administrator ran `ghe-btop` via SSH, the command did not run and a `/usr/bin/env: python3: No such file or directory` error occurred.
|
|
- |
|
|
Multiple lines in babeld logs could run together, making it unclear to administrators if the operations were related.
|
|
- |
|
|
`/var/log/lastlog` was not copied over as a sparse file during `ghe-upgrade`, which could cause issues by using additional disk space.
|
|
- |
|
|
On an instance in a cluster configuration, when managing maintenance mode using `ghe-cluster-maintenance`, an erroneous warning appeared that read "Warning: Maintenance mode set on primary, please make sure to set it on any active replica if needed".
|
|
- |
|
|
`ghe-repl-status` did not identify Git replicas in certain incomplete states and incorrectly suggested that a failover could be performed safely. In some cases, this led to data loss during failover.
|
|
- |
|
|
Repository exports using `ghe-migrator` or the REST API's operation for organization migrations could fail when a large number of commit comments or long commit comments were present.
|
|
- |
|
|
On an instance with a GitHub Advanced Security license and secret scanning enabled, secret scanning suggested incorrect filters when viewing both open and closed alerts.
|
|
- |
|
|
On an instance with multiple nodes, `ghe-spokes status` did not identify Git replicas in certain incomplete states, causing a false report that replication was in sync and leading to data loss or replication issues during failover.
|
|
- |
|
|
On an instance with a GitHub Advanced Security license and secret scanning enabled, dry runs sometimes incorrectly reported no results for custom patterns.
|
|
changes:
|
|
- |
|
|
Instructions in the "Migrations" section of the Management Console clarify that only standard AWS S3 endpoints are supported when configuring AWS S3 as a blob storage provider for migrations.
|
|
- |
|
|
On an instance in a cluster configuration, administrators can identify the repository networks or gists that are common across a specified set of storage nodes using the `spokesctl find-on-replicas` command.
|
|
- |
|
|
As a security measure, GitHub Pages does not build sites that contain symbolic links except when using custom GitHub Actions workflows. This change strengthens GitHub Pages's symbolic link detection.
|
|
known_issues:
|
|
- |
|
|
{% data reusables.release-notes.2023-10-git-push-made-but-not-registered %} [Updated: 2023-10-26]
|
|
- |
|
|
Custom firewall rules are removed during the upgrade process.
|
|
|
|
- |
|
|
During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start.
|
|
- |
|
|
If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[AUTOTITLE](/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)."
|
|
- |
|
|
On an instance in a high-availability configuration, passive replica nodes accept Git client requests and forward the requests to the primary node.
|
|
- |
|
|
If an instance is configured to forward logs to a target server with TLS enabled, certificate authority (CA) bundles that a site administrator uploads using `ghe-ssl-ca-certificate-install` are not respected, and connections to the server fail.
|
|
- |
|
|
When running `ghe-config-apply`, the process may stall with the message `Deployment is running pending automatic promotion`.
|
|
- |
|
|
{% data reusables.release-notes.mermaid-rendering-known-issue %}
|
|
- |
|
|
{% data reusables.release-notes.2023-08-mssql-replication-known-issue %}
|
|
- |
|
|
{% data reusables.release-notes.2023-10-support-bundle-p-flag-not-working %}
|
|
- |
|
|
{% data reusables.release-notes.2023-11-aws-system-time %} [Updated 2023-11-10]
|
|
- |
|
|
{% data reusables.release-notes.2023-12-backup-utils-exit-early-redis %} [Updated 2023-12-05]
|
|
- |
|
|
{% data reusables.release-notes.2023-12-client-ip-addresses-incorrect-in-audit-log %} [Updated 2023-12-13]
|
|
- |
|
|
{% data reusables.release-notes.scheduled-reminders-unintentional %} [Updated: 2024-02-22]
|