Release notes for GitHub Enterprise Server versions 2.20.0+ have moved to GitHub Docs. Release notes for versions prior to 2.20.0 will remain on GitHub Enterprise Releases
Release notes
GitHub Enterprise 11.10.327
December 04, 2013
Download
Security
CRIT: Updated Java and other system packages to address critical vulnerabilities.
CRIT: Updated Ruby to protect against a buffer overflow vulnerability.
CRIT: Fixed a bug where a user could craft a special request that would allow arbitrary command execution on the appliance.
HIGH: Updated git for 32-bit and 64-bit installs to prevent a buffer overflow under some conditions.
HIGH: Kernel updated to prevent an exploit where an SSH user on the appliance could potentially gain elevated root permissions.
HIGH: Fixed a bug in the API that would allow for brute force password guessing.
HIGH: Updated Gist to address new Rails security vulnerabilities.
LOW: Fixed a bug that allowed users to inject LDAP filters into the username field on the login page.
LOW: Fixed an issue where a Gist's content wasn't filtered correctly and therefore appeared in the log files.