With the new features added in GitHub Enterprise 2.5.0, you can:
- Increase scalability with GitHub Clustering.
- Configure Advanced Settings in the new Admin Center.
- Configure Protected Branches using the preview API.
- Enjoy a new look for repositories and a simplified sign-up and sign-in flow.
- Take full advantage of SVN 1.8 and 1.9.
- Be more resilient when many clients fetch the same data at almost the same time.
- Wikis are only editable by collaborators by default.
- Markdown can now be used in the announcement banner.
- Pushes that attempt to delete a repository's default branch are rejected.
- LDAP Sync now gracefully handles user DN changes.
- Git LFS is enabled on all repositories by default.
- The search index definitions have changed. Some searches will return partial results while the search indices are rebuilt. (updated 2016-02-18)
- The SAML authentication flow has been tightened to better conform to the SAML specification. This means all responses from your SAML server for SP-initiated authentication must include the RelayState parameter as sent from the appliance. For IdP-initiated authentication you must ensure the "IdP initiated SSO (disables AuthnRequest)" setting is checked within the management console. You may experience a redirect loop between your appliance and your SAML server if either of these conditions is not met. (updated 2016-02-29)
Upgrading to the 2.5 release series is supported from GitHub Enterprise 2.3.0 and above.
Backup & Restore
In order to backup and restore GitHub Enterprise 2.5, you will need to upgrade backup-utils to version 2.5.0.
- Repository maintenance was not run on the high availability replica. This could lead to high load while repositories were repacked when first promoting the replica.
- Accessing the raw URL for a file named 'policies' would fail with a 404 error.
- Downloading the diagnostics via the Management Console could time out on instances with many release or Git LFS assets.
- We tried to log timing statistics to an inaccessible statsd server when downloading release assets.
- Repository milestones weren't updated on repositories migrated from GitHub.com.
- Viewing the Pages section in admin tools would cause a 500 error if no Pages site existed.
- Incorrect permissions could be set on certificate authority certificates installed with ghe-ssl-ca-certificate-install. This could cause webhooks to fail as the certificates could not be read.
- Backups could fail to restore if a previous Pages migration had failed on the destination appliance.
- The incorrect Pages domain was shown in Pages section of a repository in Admin Tools.
- Two-factor authentication screens and emails would refer to using SMS fallback recovery.
- The management console settings interface didn't clearly show if you have previously uploaded certificate files or a private key. (updated 2016-02-10)
- HIGH OpenSSH packages have been updated to address multiple vulnerabilities.
- HIGH An integer overflow in Git could result in incorrect memory allocation values (CVE-2016-2315, CVE-2016-2324). (updated 2016-03-17)
- MED libxml2 and related packages have been updated to address multiple vulnerabilities.
- MED rsync has been updated to address a recently identified vulnerability.
- LOW Passwords and two-factor authentication one-time passwords could be written to the exceptions log.
Git LFS Client Vulnerability
An issue was identified that could allow an attacker to execute arbitrary commands on a user’s computer if they had Git LFS installed and cloned a malicious repository. Git LFS supports a per-repository configuration file to customize how certain aspects of Git LFS function. However, this file also allowed arbitrary Git configuration options to be modified. We have addressed the vulnerability by whitelisting the per-repository Git LFS configuration options that can be set, restricting them to a safe subset.
GitHub Enterprise is not directly affected as this is a client-side vulnerability but as Git LFS is now enabled by default, we recommend you upgrade your clients to Git LFS 1.0.1 or later to address this vulnerability.
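The allow-listing fix described above, shown as an added illustration in Python (not Git LFS's own code): a small parser for the git-config syntax used by the per-repository file (.lfsconfig) and a filter that keeps only an assumed safe subset of lfs.* keys, reporting every other key the repository tried to set. The allow-list contents and the sample file are assumptions constructed for the example.

```python
import re

# Assumed safe subset a repository may set for its own LFS transfers;
# illustrative, not the exact list shipped in Git LFS 1.0.1.
ALLOWED_KEYS = frozenset({"lfs.url", "lfs.pushurl", "lfs.fetchinclude", "lfs.fetchexclude"})

SECTION_RE = re.compile(r'^\[([A-Za-z0-9.-]+)(?:\s+"([^"]*)")?\]$')
KEY_RE = re.compile(r'^([A-Za-z][A-Za-z0-9-]*)\s*(?:=\s*(.*))?$')


def parse_git_config(text: str) -> dict[str, str]:
    """Flatten git-config syntax to {'section.subsection.key': value}. Section and
    key names are case-insensitive (lowered), a quoted subsection keeps its case,
    a key without '=' means true. Simplified: no include directives or escapes."""
    flat, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank or comment line
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).lower()
            if m.group(2) is not None:
                section += "." + m.group(2)
            continue
        m = KEY_RE.match(line)
        if m is None or section is None:
            raise ValueError(f"malformed config line: {raw!r}")
        key, value = m.group(1).lower(), m.group(2)
        flat[f"{section}.{key}"] = "true" if value is None else value
    return flat


def filter_repo_config(text: str) -> tuple[dict[str, str], list[str]]:
    """Apply the allow-list: return (accepted, rejected key names). Rejected keys
    are reported rather than silently dropped so the client can warn the user."""
    accepted, rejected = {}, []
    for key, value in parse_git_config(text).items():
        if key in ALLOWED_KEYS:
            accepted[key] = value
        else:
            rejected.append(key)
    return accepted, rejected


# Constructed sample of a repository-supplied config, not a real file.
SAMPLE_LFSCONFIG = """\
[lfs]
    url = https://lfs.example.invalid/org/repo
    fetchinclude = assets/
[core]
    # a non-LFS key the repository must not be allowed to set
    someOption = value
"""
```

Calling filter_repo_config(SAMPLE_LFSCONFIG) accepts the two lfs.* keys and reports core.someoption as rejected.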
Asset storage changes (updated 2016-02-24)
To prepare for GitHub Clustering, this release changes the way GitHub Enterprise stores assets, such as release downloads, Git LFS objects, avatars, and image attachments to wikis and issues. On installations with many large assets, moving assets to their new location can take a long time. As always, we encourage you to test the upgrade in a staging environment before upgrading your production instance.
Deprecation of GitHub Enterprise 2.0
GitHub Enterprise 2.0 is now deprecated. That means that no patch releases will be made, even for critical security issues, after this release. For better performance, improved security, and new features, upgrade to the newest version of GitHub Enterprise as soon as possible.
Upcoming deprecation of GitHub Enterprise 2.1
GitHub Enterprise 2.1 will be deprecated as of April 4, 2016. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, upgrade to the newest version of GitHub Enterprise as soon as possible.
Deprecation of Support for Internet Explorer 9 and 10
Support for Internet Explorer 9 and 10 will be deprecated in a future release. There will be no changes in site functionality, but a warning banner will be displayed to Internet Explorer 9 and 10 users.
- CRITICAL There is a remote code execution vulnerability through the Management Console, patched in GitHub Enterprise 2.5.4. (updated 2016-03-31)
- HIGH Release assets from a public repository can be accessed by unauthenticated users in private mode. (updated 2016-05-27)
- Saving settings in the management console can overwrite the SAML Issuer with the value of the SAML certificate issuer, causing authentication to fail. The SAML Issuer must be set manually each time any settings are saved if a certificate has been uploaded. (updated 2016-02-12)
- We incorrectly redirect to the dashboard if you access GitHub Enterprise using an alias while in private mode. This might happen if you set a fully qualified domain name but the subdomain resolves correctly.
- Images uploaded to issues save with an absolute URL, so they can be broken if the hostname changes.
- On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
- The management console settings interface doesn't clearly show if you have previously uploaded certificate files or a private key. (updated 2016-02-10)
- Custom firewall rules aren't maintained during an upgrade.
- Enqueued background jobs are sometimes not purged when a repository is deleted.
- If Git LFS was globally disabled prior to upgrading, manual configuration may be required to re-enable it.
- On instances upgraded from 2.3 and earlier, restoring an archived protected branch will not restore all the settings correctly. This does not affect new instances.
- Upgrading directly from any 2.3 release to 2.5.0 can result in the removal of all personal access tokens. This can be prevented by upgrading to any 2.4 release first. (updated 2016-02-15)
- HIGH (CVE-2015-7547) 2.5.0 is vulnerable to the glibc getaddrinfo stack-based buffer overflow. To manually patch your appliance, apply the hotfix by connecting to your appliance via SSH and running these commands: (updated 2016-02-17)
$ curl -O https://github-enterprise.s3.amazonaws.com/patches/github-enterprise-libc-trusty.hpkg
$ md5sum github-enterprise-libc-trusty.hpkg # 9deaf87e3313e9239e42179b78cd024a
$ chmod +x github-enterprise-libc-trusty.hpkg
- Periodic LDAP user and group memberships synchronization jobs do not run automatically. Synchronization can still be triggered manually. (updated 2016-02-18)
- Downloading a release asset from a private repository with the Releases API fails with an internal server error. (updated 2016-02-23)
- Automatic update checks fail to locate an upgrade package.
- User sessions are not properly revoked when they reach the expiry limit set by the SAML IdP.
- svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed. (updated 2016-05-24)
- Migration data exported from GitHub Enterprise with ghe-migrator does not include issue file attachments, which may cause imports to another server to fail. (updated 2016-06-09)
- Console text is difficult to read on OpenStack KVM. (updated 2016-08-03)
- The initial import of the VMware OVA image may fail when deployed via vCenter Server 6.0 or 6.5. The import will succeed when performed directly on an ESXi host. (updated 2017-02-23)
- Git LFS objects may take up to an hour to replicate in a High Availability configuration. (updated 2017-02-23)
- The management console displays a summary of any previously uploaded certificate and private key files as of 2.5.0. (updated 2016-02-10)
The GitHub Team