GitHub Enterprise 2.1.1 January 30, 2015 Series notes · Download

The 2.1 series release notes contain important changes in this release series.

Bug Fixes

Known Issues

Security Fixes

GHOST vulnerability

Qualys researchers have found a buffer overflow vulnerability in the gethostbyname function in the C standard library that could allow remote code execution under some circumstances. There is currently no known way to exploit GitHub Enterprise remotely using this vulnerability, as many services don't use gethostbyname in a way that is exploitable. However, as a precaution we recommend upgrading to this latest patch release or to a later version.

Errata

Thanks!

The GitHub Team

https://enterprise.github.com/releases

https://enterprise.github.com/releases/2.1.1

Security Notification

Important Security Vulnerabilities Fixed in GitHub Enterprise 2.1.1

The following important security vulnerabilities have been fixed in the 2.1.1 release:

GHOST vulnerability

Qualys researchers have found a buffer overflow vulnerability in the gethostbyname function in the C standard library that could allow remote code execution under some circumstances. There is currently no known way to exploit GitHub Enterprise remotely using this vulnerability, as many services don't use gethostbyname in a way that is exploitable. However, as a precaution we recommend upgrading to this latest patch release or to a later version.

If you have any questions, please contact support at enterprise@github.com

Thanks!

The GitHub Team