The 2.15 series release notes contain important changes in this release series.
- CVE-2018-16471 was addressed by updating Rack.
- Packages have been updated to the latest security versions.
- A stale temporary file could prevent an object managed by the Alambic service, which handles binary data such as avatars and image attachments, from syncing to HA or cluster replica nodes.
- Attempting to save settings in the Management Console incorrectly raised a validation error when an already saved TLS certificate or private key contains bag attributes.
- Custom DNS resolver settings were reverted during appliance hotpatch upgrades.
/var/log/error was not automatically rotated with logrotate and could sometimes use too much disk space.
- Submitting a comment after clicking the "Start a new conversation" button on a pull request diff raised an error under some circumstances.
- There was a layout issue with a notice shown to new organization members on the dashboard.
- Git authentication errors suggested the SSH protocol to the user even if it was disabled.
- The GitHub App installation settings page always showed the viewer as the one that had installed the App.
- Complicated rebases within very busy repositories could cause replicas to get out of sync, sometimes leading to transient push errors.
POST /repos/:owner/:repo/pulls REST API endpoint could return a 502 Bad Gateway response due to using suboptimal query indexes.
- The repository permissions settings for newly created organizations could get stuck in an "Update in progress" state.
- Pre-receive hook failures were not communicated to the end user when attempting to merge a pull request.
- The "Unsupported Browser" notice was not correctly shown when an unsupported browser was being used.
- On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
- Custom firewall rules aren't maintained during an upgrade.
- svn checkout may timeout while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
- Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
- Listing the GUIDs of migrations that are in progress with the
ghe-migrator list command throws an error and fails.
- The import of project boards with
ghe-migrator fails when the creator of a card on the board no longer exists on the source instance.
The GitHub Team