jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-30 03:01:36 -05:00
Code Issues Projects Releases Wiki Activity
Files
f9ad5851ca00617dc4e8a60fd6d4e2405fff676d
docs/data/release-notes/enterprise-server/3-10/1.yml
Rachael Sewell f9ad5851ca fix yaml data linting errors (#49571) 
Co-authored-by: Peter Bengtsson <peterbe@github.com>
Co-authored-by: Evan Bonsignori <ebonsignori@github.com>
2024-03-08 19:02:59 +00:00

82 lines
7.3 KiB
YAML
Raw Blame History

date: '2023-09-21'
intro: |
{% warning %}
**Warnings**:
- This release contains a known issue that may lead to replication issues on an instance in a high-availability, geo-replication, or repository cache configuration. Upgrade to {% data variables.product.prodname_ghe_server %} 3.10.2 or later instead of this release. For more information, see the "[Known issues](#3.10.1-known-issues)" section of these release notes.
- A change to MySQL in GitHub Enterprise Server 3.9 and later may impact the performance of your instance. Before you upgrade, make sure you've read the "[Known issues](#3.10.1-known-issues)" section of these release notes.
{% endwarning %}
sections:
security_fixes:
- HTTP Strict Transport Security (HSTS) is enabled within the Management Console.
- Packages have been updated to the latest security versions.
- |
**LOW:** An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a reopened pull request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the [GitHub Bug Bounty program](https://bounty.github.com/) and was assigned [CVE-2023-23766](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23766). [Updated: 2023-09-22]
bugs:
- On an instance with GitHub Actions enabled, scale sets configured at the enterprise level did not appear for use within the instance's organizations or repositories.
- On an instance with a GitHub Advanced Security license and secret scanning enabled, secret scanning alerts could fail to show an error message in the UI when a failure occurred closing or reopening the alert.
- On an instance with a GitHub Advanced Security license and secret scanning enabled, and when using Safari, changing additional match requirements for a custom pattern did not retrigger custom pattern evaluation against a user submitted test string.
- On an instance with a GitHub Advanced Security license and secret scanning enabled, organization access for a leaked GitHub tokens was not shown to commit authors when viewing the alert.
- On an instance with a GitHub Advanced Security license and secret scanning enabled, when token location(s) included a commit that introduced a large change, the page for viewing the alert would load slowly.
- When uploading migration archives to blob storage, the GitHub Enterprise Server instance's outbound web proxy server was not used.
- On an enterprise with the policy setting that disallows repository admins from enabling/disabling secret scanning, transferring a repository to a new organization that automatically enabled secret scanning wouldn't result in the transferred repository being automatically enabled for secret scanning.
- When migrating a repository from a GitHub Enterprise Server instance to another location, the `ghe-migrator target_url` command allows you to record the repository's new location. The new URL is displayed when you visit the main page of the repository in the web interface.
- On an instance with subdomain isolation disabled, a notebook could not be loaded due to incorrect asset paths.
- On an instance with a GitHub Advanced Security license and secret scanning enabled, in some cases, custom patterns would erroneously show no results for a dry run.
changes:
- When GitHub Enterprise checks for a new upgrade or hotpatch package, if the check fails the failure details are output to the `ghe-update-check` log, and the Management Console UI provides a "Check Again" button to rerun the check.
- When providing data to GitHub Support, GitHub Enterprise Server displays a notice describing how support data is used before uploading the support files.
known_issues:
- |
{% data reusables.release-notes.2023-10-git-push-made-but-not-registered %} [Updated: 2023-10-26]
- |
Custom firewall rules are removed during the upgrade process.
- |
During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start.
- |
If the root site administrator is locked out of the Management Console after failed login attempts, the account does not unlock automatically after the defined lockout time. Someone with administrative SSH access to the instance must unlock the account using the administrative shell. For more information, see "[Troubleshooting access to the Management Console](/enterprise-server@3.8/admin/configuration/administering-your-instance-from-the-management-console/troubleshooting-access-to-the-management-console#unlocking-the-root-site-administrator-account)." [Updated: 2023-02-23]
- |
On an instance in a high-availability configuration, passive replica nodes accept Git client requests and forward the requests to the primary node.
- |
If an instance is configured to forward logs to a target server with TLS enabled, certificate authority (CA) bundles that a site administrator uploads using `ghe-ssl-ca-certificate-install` are not respected, and connections to the server fail.
- |
When running `ghe-config-apply`, the process may stall with the message `Deployment is running pending automatic promotion`.
- |
The `mbind: Operation not permitted` error in the `/var/log/mysql/mysql.err` file can be ignored. MySQL 8 does not gracefully handle when the `CAP_SYS_NICE` capability isn't required, and outputs an error instead of a warning.
- |
{% data reusables.release-notes.upgrade-to-3-9-or-to-3-10-mysql-cannot-start-up %} [Updated: 2023-08-11]
- |
{% data reusables.release-notes.upgrade-to-3-9-or-to-3-10-io-utilization-increase %}
- |
{% data reusables.release-notes.2023-08-mssql-replication-known-issue %}
- |
{% data reusables.release-notes.2023-09-config-apply-timeout-hookshot-go-replicas %}
- |
After an administrator enables maintenance mode from the instance's Management Console UI using Firefox, the administrator is redirected to the Settings page, but maintenance mode is not enabled. To work around this issue, use a different browser.
- |
{% data reusables.release-notes.cache-replica-servers-known-issue %} [Updated: 2023-09-26]
- |
{% data reusables.release-notes.2023-10-support-bundle-p-flag-not-working %} [Updated: 2023-10-13]
- |
{% data reusables.release-notes.scheduled-reminders-unintentional %} [Updated: 2023-10-17]
- |
{% data reusables.release-notes.2023-10-resource-activity-queue-not-processed %} [Updated: 2023-10-26]
- |
{% data reusables.release-notes.2023-10-actions-upgrade-bug %} [Updated: 2023-12-04]
- |
{% data reusables.release-notes.large-adoc-files-issue %} [Updated: 2023-10-31]
- |
{% data reusables.release-notes.2023-11-aws-system-time %} [Updated 2023-11-10]
- |
{% data reusables.release-notes.2023-12-backup-utils-exit-early-redis %} [Updated 2023-12-05]
- |
{% data reusables.release-notes.2023-12-client-ip-addresses-incorrect-in-audit-log %} [Updated 2023-12-13]
- |
{% data reusables.release-notes.2024-01-ha-proxy-out-of-memory %} [Updated 2024-01-23]
- |
{% data reusables.release-notes.2024-03-increased-log-volume-in-syslog %} [Updated: 2024-03-08]
Reference in New Issue View Git Blame Copy Permalink