jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-30 12:02:01 -05:00
Code Issues Projects Releases Wiki Activity
Files
cf968af10316c4483eafac673eb2c5261cced1de
docs/data/release-notes/2-20/6.yml
Jason Etcovitch d891618fcc Import Enterprise release notes for 2.20, 2.21 and 2.22.5 (#16909) 
* Add 2.20

* Add 2.21

* Add 2.22.5

* Lint

* Properly format dates

* Update the tests
2020-12-14 15:16:29 +00:00

27 lines
5.1 KiB
YAML
Raw Blame History

date: '2020-04-23'
sections:
security_fixes:
- '**HIGH**: OpenSSL has been updated to address [CVE-2020-1967](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1967). {% comment %} https://github.com/github/enterprise2/pull/19889, https://github.com/github/enterprise2/pull/19885 {% endcomment %}'
- '**HIGH**: Git has been updated to address [CVE-2020-5260](https://github.com/git/git/security/advisories/GHSA-qm7j-c969-7j4q) and [CVE-2020-11008](https://github.com/git/git/security/advisories/GHSA-hjc9-x69f-jqj7). New restrictions prevent malicious repositories from being pushed to the server instance, protecting clients which have not yet been patched. {% comment %} https://github.com/github/git/pull/990 {% endcomment %}'
- '**LOW**: ImageMagick has been updated to address [CVE-2019-10131](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10131). {% comment %} https://github.com/github/enterprise2/pull/19655, https://github.com/github/enterprise2/pull/19617 {% endcomment %}'
- 'Packages have been updated to the latest security versions. {% comment %} https://github.com/github/enterprise2/pull/19809, https://github.com/github/enterprise2/pull/19792, https://github.com/github/enterprise2/pull/19899, https://github.com/github/enterprise2/pull/19882 {% endcomment %}'
bugs:
- 'The git user lacked permissions to invoke the processes required to convert existing repositories using Subversion, from the v4 format to v3 LRS. {% comment %} https://github.com/github/enterprise2/pull/19465, https://github.com/github/enterprise2/pull/19150 {% endcomment %}'
- 'A mismatch in MySQL configurations could cause backups to fail in large installations. {% comment %} https://github.com/github/enterprise2/pull/19688, https://github.com/github/enterprise2/pull/19409, https://github.com/github/enterprise2/issues/19055 {% endcomment %}'
- 'When upgrading from previous versions, background job workers would sometimes not spawn, preventing essential features such as merging pull requests. {% comment %} https://github.com/github/enterprise2/pull/19771, https://github.com/github/enterprise2/pull/19712 {% endcomment %}'
- "When a GitHub Enterprise Server license contained non-ASCII characters, a `GET` request to the Management Console's API `/setup/api/settings` endpoint would result in an Internal Server Error. {% comment %} https://github.com/github/enterprise2/pull/19790 {% endcomment %}"
- 'The recovery console would prompt for a root password, even if the root account was locked. {% comment %} https://github.com/github/enterprise2/pull/19810, https://github.com/github/enterprise2/pull/19788, https://github.com/github/enterprise2/issues/18425 {% endcomment %}'
- 'A CODEOWNERS file with a leading UTF-8 Byte Order Mark would cause all codeowner rules to be ignored. {% comment %} https://github.com/github/github/pull/140974, https://github.com/github/github/pull/140729 {% endcomment %}'
changes:
- 'When the orchestrator-client cron job failed, multiple emails would be sent to the root account. {% comment %} https://github.com/github/enterprise2/pull/19761, https://github.com/github/enterprise2/pull/19748 {% endcomment %}'
- "When an external identity provider controlled user's site administrator status, users could not be demoted via the command line utility. {% comment %} https://github.com/github/github/pull/140522, https://github.com/github/github/pull/137807, https://github.com/github/github/issues/42727 {% endcomment %}"
known_issues:
- 'On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user. {% comment %} https://github.com/github/enterprise2/issues/1889 {% endcomment %}'
- 'Custom firewall rules are not maintained during an upgrade. {% comment %} https://github.com/github/enterprise2/issues/2823 {% endcomment %}'
- 'Git LFS tracked files [uploaded through the web interface](https://github.com/blog/2105-upload-files-to-your-repositories) are incorrectly added directly to the repository. {% comment %} https://github.com/github/github/issues/54684 {% endcomment %}'
- 'Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. {% comment %} https://github.com/github/github/issues/107731 {% endcomment %}'
- 'When pushing to a gist, an exception could be triggered during the post-receive hook. {% comment %} https://github.com/github/github/issues/129091 {% endcomment %}'
- 'When "Users can search GitHub.com" is enabled with GitHub Connect, issues in private and internal repositories are not included in GitHub.com search results. {% comment %} https://github.com/github/admin-experience/issues/571 {% endcomment %}'
- 'Security alerts are not reported when pushing to a repository on the command line. (updated 2020-06-23) {% comment %} https://github.com/github/github/issues/143190 {% endcomment %}'
- 'Dependency graph is not detecting dependencies when deployed in a cluster configuration with multiple Redis nodes. (updated 2020-06-30) {% comment %} https://github.com/github/dependency-graph/issues/81 {% endcomment %}'
Reference in New Issue View Git Blame Copy Permalink