GitHub Enterprise 2.13.12 September 25, 2018 Series notes · Download

The 2.13 series release notes contain important changes in this release series.

A file path traversal vulnerability in the jekyll-remote-theme gem for GitHub Enterprise

A CRITICAL issue was identified that allows an attacker with repository write access to create Pages sites that can display the content of system files. This could used to further escalate the vulnerability to execute arbitrary commands on the GitHub Enterprise appliance.

The affected supported versions are:

We strongly recommend upgrading your GitHub Enterprise appliance to the latest patch release in your series, GitHub Enterprise 2.12.20, 2.13.12, 2.14.6, or greater.

Security Fixes

Bug Fixes

Known Issues

Thanks!

The GitHub Team