The 2.1 series release notes contain important changes in this release series.

Bug Fixes

• The organisation creation page gave incorrect details about when LDAP groups could be synced as teams.
• LDAP users could not be suspended or renamed when LDAP sync was off.
• ghe-btop's --usage and --help flags were not being passed correctly.
• WOFF 2.0 font files did not have their content-type set correctly in Pages.
• The top third party OAuth applications were not displayed.
• The Owners team was not automatically removed from LDAP sync.
• Replication was not restarted automatically after an upgrade.
• Unicorn masters were not always restarted correctly which left behind stale processes.
• LDAP sync wasn't syncing members of a group where the LDAP group name contained a ..
• ghe-repl-setup did not warn if the master had an existing replica.
• The system did not always shut down cleanly due to using kexec rather than reboot.
• ghe-service-list did not list github-svn-proxy or github-timerd.
• resqued, svn-proxy and timerd held on to a deleted log file rather than rotating correctly.

Security Fixes

• Ubuntu packages have been updated to the latest security versions.
• LOW: Ruby 2.1.6
• LOW: Branch names were not escaped correctly so could allow a XSS vulnerability.
• LOW: A bug in URL parsing in Safari could allow the bypass of the same origin checks in JavaScript.

Known Issues

• Creating the OpenVPN connection can fail, causing replication set up with ghe-repl-setup to hang.
• Git replication can be slow and CPU intense during initial push of large or complex repositories.
• The management console settings interface doesn't clearly show if you have previously uploaded certificate files or a private key.
• Jobs stuck on code indexing can delay other jobs from running.
• Dashboard activity feed links point to wrong hostname after restoring from backup if the hostname has changed.
• In some circumstances, after an upgrade we prompt you to upload a license, even though there's already a valid license.
• On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
• Events in the github_audit log stream are being logged twice.
• Gists can't be created when using Safari 8.x in Private Mode.
• SNMP can't be run on high availability replicas.
• Gist profile pages don't have proper styling when subdomain isolation disabled.
• Management console sessions can expire too quickly for Safari users.
• We can fail to properly create the key for the secure connection between a high availability replica and the primary, which causes replication setup to fail.
• Custom firewall rules aren't maintained during an upgrade.
• A high availability replica that's been promoted to primary and then set up as a replica again doesn't properly show the replica status page, but shows "Starting..." instead.
• Replication setup fails for IPv6 hosts.
• It's not possible to convert a user account to an organization.
• Accessing GitHub Enterprise using a hostname alias with private mode enabled as an unauthenticated user will redirect you to the dashboard instead of the page you were trying to visit after you log in.
• Individual application logs are not reliably forwarded. (updated 2015-04-20)
• Avatars, release downloads, and image attachments to wikis and issues are not copied correctly by high availability replication. (updated 2015-05-20)
• We show your gravatar or identicon on Gists instead of your custom profile picture. (updated 2015-06-15)
• Repositories with a leading dot in their name fail to replicate if they were created before replication was set up. (updated 2015-06-16)
• We display the time in the scheduled maintenance banner in UTC instead of the viewer's timezone. (updated 2015-06-18)
• Users with LDAP DNs longer than 255 characters are suspended if LDAP Sync is enabled. (updated 2015-06-19)
• Images uploaded to issues save with an absolute URL, so they can be broken if the hostname changes. (updated 2015-07-14)
• With private mode enabled, a Pages site with no default page serves a generic error rather than an informative message. (updated 2015-07-14)
• Updates to Wiki pages by users without a primary email address set throw errors. (updated 2015-08-25)
• With LDAP authentication enabled, entering the wrong password can cause a timeout for some users. (updated 2015-09-02)
• Trying to add a file to a repository with Subversion 1.9 clients incorrectly detects the file already exists and fails. (updated 2016-01-14)

Thanks!

The GitHub Team