The 11.10.353 release for GitHub Enterprise is now available for download from https://enterprise.github.com/download. The full release notes for 11.10.353 follow:
Researchers from INRIA, Microsoft Research and IMDEA have discovered a vulnerability that can cause affected servers to use weakened encryption on SSL connections, making it easier for an attacker with access to the connection to decrypt the communication.
GitHub Enterprise versions 2.0.7, 2.1.0 and newer are not vulnerable to this attack as they were already updated to OpenSSL 1.0.1-4ubuntu5.21 before this attack was published.
The 11.10.353 release is part of the 11.10.340 release series. No more security patches will be released in this series after 7 July 2015, even for critical security issues. All customers are encouraged to upgrade to the latest release.