The 2.12 series release notes contain important changes in this release series.

Security Fixes

• Packages have been updated to the latest security versions.

Bug Fixes

• The hostname documentation link in the Management Console linked to an invalid location.
• Large Git LFS objects and release downloads were temporarily buffered to the root disk. This could lead to disk space contention.
• The create team API endpoint returned a 500 error if LDAP Sync is enabled and the team already exists.
• The hookshot-unicorn service could fail to start if there was a large backlog of webhook jobs.
• Tearing down replication did not remove the database seed data used when configuring high availability replication.
• The license expiry notification was shown if the appliance was restarted after the current has license expired.
• The elasticsearch-upgrade service was not stopped during the upgrade process when upgrading via a hotpatch. This could lead to unnecessary logging to the root disk.
• Applying a hotpatch that required a reboot did not warn that a reboot is required.
• Postfix attempted to negotiate NTLM authentication if the relay host offered it.
• Toggling each of the Branch Protection settings would produce inconsistent audit log events.
• Toggling the 'Require review from Code Owners' Branch Protection setting did not generate an audit log event.
• Background job logging to /var/log/github/production.log could consume large amounts of disk space. The fast growth of this log file could cause the root disk to fill up.
• Comparing branches with unicode characters in their names could fail with a '500 Internal Server Error'.
• Large API requests could trigger excessive logging in the exceptions log. (updated 2018-01-31)

Changes

• ghe-diagnostics can now upload directly to GitHub using the -u or -t [ticket reference] options.

Known Issues

• We incorrectly redirect to the dashboard if you accessed GitHub Enterprise using an alias while in private mode. This might happen if you set a fully qualified domain name but the subdomain resolves correctly.
• Images uploaded to issues save with an absolute URL, so they can be broken if the hostname changes.
• On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
• Custom firewall rules aren't maintained during an upgrade.
• svn checkout may timeout while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
• Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
• GitHub Enterprise clustering can not be configured without https.
• Deleting a search index doesn't delete all associated metadata, which are then incorrectly reused if a new search index is created. This causes search index repair jobs to be reported as finished in the site admin when they were not.
• GitHub Apps silently fail to be created when the name contains an underscore.
• Pull request review comments migrated with ghe-migrator are displayed in the wrong order.
• The pull request review request has users reversed, after migration with ghe-migrator.
• The comment count in the "Conversation" tab of a pull request migrated with ghe-migrator can be wrong.
• The gpgverify service may consume large amounts of CPU time even when not processing requests. (updated 2018-02-14)
• Pull request reviewer usernames were not updated if a reviewer was mapped to a different username when migrating repositories using ghe-migrator. (updated 2018-04-12)
• On a repository that's been locked for migration using ghe-migrator, project boards are not exported. (updated 2018-05-07)
• Nameid-format matching on SAML response is too strict when value is "unspecified", which can cause an error with the "Another user already owns the account." message if the IdP changes NameID. (updated 2018-06-25)

Thanks!

The GitHub Team