GitHub Enterprise Server 2.16.25 January 15, 2020

Security Fixes

Bug Fixes

  • The Alambic storage service could hit a file descriptor limit that could cause the kernel to hang and other services to log errors.
  • Importing teams that contain nested teams with secret visibility could fail. Nested teams will now be imported as top-level teams if they are imported as children of a team with secret visibility.

Upcoming deprecation of GitHub Enterprise Server 2.16

GitHub Enterprise Server 2.16 will be deprecated as of January 22, 2020. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, upgrade to the newest version of GitHub Enterprise Server as soon as possible.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.24 December 17, 2019

Security Fixes

  • MEDIUM: An attacker could push a malicious GitHub Pages branch with overlapping submodule names, possibly leading to remote code execution within the GitHub Pages build container. To exploit this vulnerability, an attacker would need permission to create a branch within a repository on the GitHub Enterprise Server instance. CVE-2019-1387
  • Packages have been updated to the latest security versions.

Bug Fixes

  • ghe-config-check was returning validation errors for github-ssl.acme.ca-conf and syslog.cert.
  • The Let's Encrypt certificate registration feature consistently failed following an update to the external API.

Upcoming deprecation of GitHub Enterprise Server 2.16

GitHub Enterprise Server 2.16 will be deprecated as of January 22, 2020. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, upgrade to the newest version of GitHub Enterprise Server as soon as possible.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.23 December 03, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Backups of GitHub Enterprise Server clusters could intermittently fail due to duplicated Gist repository references.
  • Transient, non-fatal errors returned from external LDAP servers during team synchronization operations could cause the incorrect removal of team members.

Upcoming deprecation of GitHub Enterprise Server 2.16

GitHub Enterprise Server 2.16 will be deprecated as of January 22, 2020. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, upgrade to the newest version of GitHub Enterprise Server as soon as possible.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.
  • The Let's Encrypt certificate registration feature consistently fails following an update to the external API.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.22 November 20, 2019

Security Fixes

  • HIGH: The legacy avatar upgrade functionality was vulnerable to a Server-Side Request Forgery (SSRF) vulnerability when fetching image content from third-party avatar services. This could allow an attacker to make GET requests to internal services reachable from the GitHub Enterprise deployment.
  • LOW: The script-src: 'unsafe-inline' CSP header was applied to all paths for Enterprise Manager.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • Promoting a replica in an active HA environment could fail to properly apply configuration changes and remove a pre-flight check holding page.
  • In certain cluster configurations, background jobs are unable to communicate with local storage services.
  • MySQL replication lag could rise significantly on high traffic instances during times of peak user activity.

Changes

  • GitHub Enterprise Server is now available in the eu-north-1 AWS region.
  • MySQL database seeding progress is reported during replication setup and recorded in the configuration log.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.
  • When using Let's Encrypt with a new installation, an error can occur when creating a new Let's Encrypt account.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.21 November 05, 2019

Security Fixes

  • MEDIUM: The repository import functionality was vulnerable to a Server-Side Request Forgery (SSRF) issue when importing TFS repositories.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • The storage objects were incorrectly deleted from non-voting replicas.
  • In some cases systemd would fail to start services after a reboot.
  • Submitting the form to request to change a team's parent team with an empty value caused an error.
  • Unsubscribe email notification language was inconsistent with the language used in the web interface.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.20 October 23, 2019

Security Fixes

  • HIGH: The repository import functionality was vulnerable to a command injection issue when importing Mercurial repositories.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • A 500 Internal Server Error could occur when creating a new organization.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.19 October 08, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Webhooks could not be created or updated to point to .consul domains.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.18 September 25, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • It was possible for the two-factor authentication requirement on the global enterprise account to remain enabled after switching to an authentication mode that does not support built-in two-factor authentication (such as SAML).

Changes

  • The number of pull requests that can be created from the same head SHA1 is limited to 100 by default.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.17 September 10, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.16 August 27, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • On appliances that send a lot of notifications, GitHub Enterprise opened too many connections to the configured email server which delayed delivery in certain cases.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.15 August 13, 2019

Security Fixes

  • HIGH: An attacker could inject potentially malicious options into Git sub-commands when executed on the server. This could allow an attacker to truncate existing files on the server or execute other unintended functionality of affected Git sub-commands. To exploit this vulnerability, an attacker would need permission to create a branch within a repository on the GitHub Enterprise Server instance. This vulnerability was reported through the GitHub Security Bug Bounty program.
  • MEDIUM: GitHub App permissions could be incorrectly set by the user.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • Using ghe-migrator or exporting from GitHub.com, an export would silently fail to export issue comments when a repository was archived.
  • GitHub Enterprise Server was incorrectly using support@example.com as the sender of notification emails in certain circumstances.
  • Comparing OAuth Access Tokens returned a 404 Not Found error.
  • Deleting a repository and its projects could delete other owned or accessible projects.
  • When enabling a feature for GitHub Connect resulted in an error, users were not properly notified.

Changes

  • Reduced memory utilization on GitHub Enterprise Server instances.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.14 July 23, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Identical node identifiers on high availability replica nodes could prevent configuring or updating high availability replication.
  • Consul did not automatically recover when a node's identity changed unexpectedly.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.13 July 02, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Viewing the profile of a user with a username similar to a common HTML error page, for example 404-html, would display the error page and not the user's profile.
  • Reattaching a forked repository to its parent after changing the visibility would fail for the second and subsequent forks.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.12 June 26, 2019

OAuth app authorization bypass

A CRITICAL vulnerability was identified that allows an attacker to authorize an OAuth application on the account of a targeted user without the approval of the targeted user. This would allow an attacker to execute actions on behalf of the targeted user via the authorized OAuth application. The attacker would need to be able to create an OAuth application on the affected GitHub Enterprise Server instance to perform this attack. Additionally, to execute the attack, the targeted user would need to visit an attacker controlled website.

The affected supported versions are:

  • 2.14.0 - 2.14.23
  • 2.15.0 - 2.15.16
  • 2.16.0 - 2.16.11
  • 2.17.0 - 2.17.2

We strongly recommend upgrading your GitHub Enterprise Server appliance to the latest patch release in your series, GitHub Enterprise Server 2.14.24, 2.15.17, 2.16.12, 2.17.3, or greater immediately. If you have any questions, please contact GitHub support at https://enterprise.github.com/support.

This vulnerability was reported through the GitHub Security Bug Bounty program.

Security Fixes

  • CRITICAL: A malicious OAuth application could be authorized on a targeted user's account without requiring user approval, allowing an attacker to execute actions on behalf of the user.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.11 June 19, 2019

Security Fixes

  • MEDIUM: An attacker with direct network access to the server could send a specially crafted sequence of network packets that could cause a kernel panic or slow down the system causing a Denial of Service (DoS). For more information, see the associated CVEs: CVE-2019-11477, CVE-2019-11478, CVE-2019-11479.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • Internal API data values exceeded internal buffer sizes and caused access from the Git command-line to fail unconditionally for some users or deploy keys.
  • Pre-seeding the initial replica appliance in an HA configuration would result in the failure of the existing primary appliance.
  • The "Learn why" link beside the message "Custom sign-in messages are disabled when SAML authentication is enabled" pointed to a nonexistent help article.
  • In the GraphQL API, the suggestedReviewers field returned an error when queried in combination with some other fields (e.g., additions or deletions).
  • Pre-receive hooks that printed non-UTF-8 characters would fail with an "incompatible character encodings" error message.
  • GitHub Enterprise Server incorrectly enforced a version of Backup Utilities that was the same or newer than the precise patch version of GitHub Enterprise Server.

Changes

  • When pushing a very large number of Git LFS objects to a repository, the returning "Git LFS Integrity Check" warning message was confusing, leading users to think something went wrong.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.10 June 04, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Using ghe-migrator or exporting from GitHub.com, an export would silently fail to export pull request review comments when a repository was archived.
  • Rename conflicts were not detected while importing from some third-party systems using ghe-migrator.

Changes

  • Adjusted the memcached graph to include the memory "used" in addition to the memory "free".
  • client_id and client_secret were added to the JSON payload when creating a GitHub App via manifest.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.
  • GitHub Enterprise Server incorrectly enforces a version of Backup Utilities that is the same or newer than the precise patch version of GitHub Enterprise Server. (updated 2019-06-25)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.9 May 21, 2019

Security Fixes

  • HIGH: An endpoint in the GitHub API would disclose sensitive user information in its error response. The disclosed information included authentication tokens that could be used to authenticate as other users. An authenticated user on the instance would need access to the affected API.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • The /var/log/github/exceptions.log file could include a large number of QueryWarningLogger::QueryWarning errors.
  • Organizations imported with ghe-migrator were not added to the global enterprise account.
  • The diff context for diffs that included submodules would sometimes load incorrect content.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption.

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.8 May 07, 2019

Security Fixes

  • In certain cases, when a user would try to authorize their account through the OAuth web application flow, not all of the requested scopes would appear on the authorization page.

Bug Fixes

  • When using the quote reply feature, ~strikethrough~ text was not preserved and suggested changes were duplicated.
  • Using ghe-migrator, an import would fail if an attachment file was missing from the export archive.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.7 April 23, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Consul logged errors when the dependency graph service was not enabled.
  • GitHub Connect did not go through the proxy if the protocol/scheme wasn't part of the proxy URL configured in the management console.
  • GitHub App manifests were not being created on instances with private mode enabled.
  • GitHub Connect disconnection messages did not always reflect the enabled features.
  • When viewing a diff, the indentation between the diff text and the expanded diff context was not aligned.
  • Password change emails were incorrectly being sent for accounts created on initial LDAP login.
  • When importing from other platforms using ghe-migrator, conflicts for teams were not detected.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.6 April 09, 2019

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Release assets uploaded via the Releases API would fail if the asset was larger than 1 GB.
  • The package validation performed when upgrading would print the result of an internal check.
  • The maximum number of allowed connections to the internal HAProxy load balancer could be reached on very large instances leading to a large backlog of resqued jobs.
  • DNS resolution of appliance hostnames in an HA configuration could time out or return an incorrect IP address.
  • Some pull requests and issues were purged completely when restoring the repository right after deleting it.
  • When creating a new repository, default repository visibility input could have the wrong value selected.
  • Links to the security alerts help documentation were incorrect.

Changes

  • Running ghe-repl-promote will now prompt for confirmation. To promote a replica without confirmation, use the -y flag: ghe-repl-promote -y.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.5 March 26, 2019

Bug Fixes

  • Certain high throughput conditions caused MySQL to consume a large amount of CPU time.
  • Certain scenarios resulted in a sign out message being displayed incorrectly.
  • Inefficient connection handling for an internal service created unnecessary log entries and in extreme cases could lead to a service outage.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Some pull requests and issues are purged completely when restoring the repository right after deleting it.
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers, which in turn could lead to high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.4 March 13, 2019

Arbitrary file content disclosure vulnerability in GitHub Enterprise Server

A CRITICAL issue was identified in Rails that allows an attacker to send a specially crafted request that could allow arbitrary files to be read and the file content to be disclosed.

The affected supported versions are:

  • 2.13.0 - 2.13.21
  • 2.14.0 - 2.14.15
  • 2.15.0 - 2.15.8
  • 2.16.0 - 2.16.3

All older, no longer supported versions are also affected.

We strongly urge you to upgrade your GitHub Enterprise Server appliance immediately to the latest patch release in your series: GitHub Enterprise Server 2.13.22, 2.14.16, 2.15.9, 2.16.4, or greater. If you have any questions, please contact GitHub support at https://enterprise.github.com/support.
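For patch management it helps to turn the affected ranges above into something an inventory script can evaluate. The following is an added example, not GitHub's own code: it encodes the ranges and fixed releases exactly as the advisory lists them, assesses a version string, and reports which hosts in a constructed sample inventory (the host names and versions are made up) still need the upgrade.

```python
"""Assess GitHub Enterprise Server versions against the advisory ranges above.

Added example, not GitHub's code. The ranges and fixed releases are taken
verbatim from the advisory; the sample inventory at the bottom is constructed.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Per supported series: (first affected, last affected, first fixed release).
AFFECTED_RANGES: Dict[Tuple[int, int], Tuple[Version, Version, Version]] = {
    (2, 13): ((2, 13, 0), (2, 13, 21), (2, 13, 22)),
    (2, 14): ((2, 14, 0), (2, 14, 15), (2, 14, 16)),
    (2, 15): ((2, 15, 0), (2, 15, 8), (2, 15, 9)),
    (2, 16): ((2, 16, 0), (2, 16, 3), (2, 16, 4)),
}
OLDEST_SUPPORTED_SERIES = (2, 13)
# "All older, no longer supported versions are also affected": the only remedy
# is moving to a fixed release in a supported series, so point at the oldest one.
OLDEST_FIXED_RELEASE: Version = AFFECTED_RANGES[OLDEST_SUPPORTED_SERIES][2]


@dataclass(frozen=True)
class Assessment:
    version: Version
    affected: bool
    reason: str
    upgrade_to: Optional[Version]  # minimum release that closes the issue, if any


def fmt(v: Version) -> str:
    return ".".join(str(part) for part in v)


def parse_version(text: str) -> Version:
    """Parse 'major.minor.patch' into a comparable tuple; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a GHES version string: {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def assess(text: str) -> Assessment:
    v = parse_version(text)
    series = (v[0], v[1])
    if series < OLDEST_SUPPORTED_SERIES:
        return Assessment(v, True, "unsupported series; no patch release will be issued",
                          OLDEST_FIXED_RELEASE)
    if series in AFFECTED_RANGES:
        first, last, fixed = AFFECTED_RANGES[series]
        if first <= v <= last:
            return Assessment(v, True, f"within affected range {fmt(first)}-{fmt(last)}", fixed)
        return Assessment(v, False, f"at or above fixed release {fmt(fixed)}", None)
    # A series newer than 2.16 is not listed by this advisory at all.
    return Assessment(v, False, "series not listed as affected by this advisory", None)


def affected_hosts(inventory: Dict[str, str]) -> List[str]:
    """Return the sorted host names whose reported version is still affected."""
    return sorted(host for host, ver in inventory.items() if assess(ver).affected)


# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY: Dict[str, str] = {
    "ghes-prod.example.internal": "2.16.3",
    "ghes-staging.example.internal": "2.16.4",
    "ghes-legacy.example.internal": "2.12.9",
    "ghes-dr.example.internal": "2.15.9",
}

if __name__ == "__main__":
    for host, ver in sorted(SAMPLE_INVENTORY.items()):
        a = assess(ver)
        target = f" -> upgrade to {fmt(a.upgrade_to)}" if a.upgrade_to else ""
        print(f"{host}: {ver} {'AFFECTED' if a.affected else 'ok'} ({a.reason}){target}")
```

The comparison is done on integer tuples rather than strings so that, for example, 2.16.10 would sort after 2.16.4; the assessment carries the reason and the minimum fixed release so the output can feed a ticket or a dashboard directly.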

Security Fixes

  • CRITICAL: A specially crafted request could allow arbitrary files to be read and the file content to be disclosed. For more information see the associated Rails CVE: CVE-2019-5418.
  • HIGH: High CPU usage could be triggered by a specially crafted request resulting in Denial of Service (DoS). For more information see the associated Rails CVE: CVE-2019-5419.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • Repository pushes could fail to register in a cluster environment when a node was marked as offline.
  • Appliance upgrades could time out when updating significantly large databases.
  • In rare circumstances, a race condition could lead to repository data loss if an automated background maintenance job was triggered during a configuration update.
  • Files couldn't be deleted via the web editor.
  • LFS operations using a deploy key could fail with an HTTP 401 or 403 status if the deploy key creator was removed from the organization. (updated 2019-06-25)
  • With private mode disabled, the "Explore" menu shown when signed out included a "Collections" link.
  • A race condition during git operations sometimes caused the default branch to be assigned incorrectly.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters.
  • Some pull requests and issues are purged completely when restoring the repository right after deleting it. (updated 2019-03-19)
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers and, in turn, high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.3 February 26, 2019 Download

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • The "Ignore whitespace changes" option was not honoured with progressively loaded diffs.
  • The custom sign out message was displayed on the sign in page in certain situations.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. (updated 2019-03-07)
  • Some pull requests and issues are purged completely when restoring the repository right after deleting it. (updated 2019-03-19)
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers and, in turn, high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.2 February 13, 2019 Download

Security Fixes

  • Packages have been updated to the latest security versions.

Bug Fixes

  • Uploads of some image types could fail when using Git LFS 2.5.0 or newer.
  • Entries for the babeld.log, gitauth.log, production.log, resqued.log and unicorn.log log files were truncated when forwarded to a central log server.
  • Stricter REST API validation was prematurely enabled. As a result, API requests that previously succeeded may have been rejected with a 422 Unprocessable Entity response.
  • Viewing the global business profile page for organizations with a lot of users could time out.
  • Restoring a backup containing a very large number of deleted repositories could fail with the error "Resource temporarily unavailable".
  • Repositories owned by organizations could not be deleted by organization owners if the Repository deletion and transfer business setting was set to Disabled.
  • Repository pages with a lot of tags and branches could take a very long time to load.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. (updated 2019-03-07)
  • Some pull requests and issues are purged completely when restoring the repository right after deleting it. (updated 2019-03-19)
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers and, in turn, high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.1 January 29, 2019 Download

Security Fixes

  • MEDIUM: A race condition allowed a malicious GitHub App integrator to gain escalated user privileges by quickly updating their App's permissions during the OAuth flow.
  • Packages have been updated to the latest security versions.

Bug Fixes

  • Webhooks continued to be delivered via a proxy server after removing the proxy configuration.
  • Background jobs for the Content Attachments API used by GitHub Apps were not processed and as a result context information was not shown.
  • Successful delivery logs for Webhooks sent through a proxy server were reported as a delivery error if the proxy server inserted additional headers.
  • The migrations run while upgrading to GitHub Enterprise Server 2.16.0 could log "Column cache_version_number cannot be null" errors to /var/log/github/exceptions.log.

Changes

  • Site admins can no longer create GitHub Apps and OAuth apps whose names start with the reserved words github or gist.

Known Issues

  • On a freshly set up GitHub Enterprise without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Stricter REST API validation has been prematurely enabled. As a result, API requests that previously succeeded may be rejected with a 422 Unprocessable Entity response. (updated 2019-02-01)
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. (updated 2019-03-07)
  • Some pull requests and issues are purged completely when restoring the repository right after deleting it. (updated 2019-03-19)
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers and, in turn, high memory consumption. (updated 2019-05-08)

Thanks!

The GitHub Team

GitHub Enterprise Server 2.16.0 January 22, 2019 Download

Features

  • The Deployments API includes new states. Deployments API integrates with GitHub Flow. (updated: 2019-04-02)
  • Integrator links can be expanded with relevant details in the context of GitHub comments via API.
  • Only pull request authors or users with write access to the repository can resolve conversations.
  • Repository administrators can delete issues.
  • Users can subscribe to only receive repository notifications for releases.
  • Organization administrators can control whether users can create public, private, or no repositories.
  • A timeline event is shown when users force push to a branch.
  • Users can filter the files in a pull request by file type or hide deleted files.
  • Repository administrators can transfer an issue to another repository where the administrator also has repository administration privileges. (updated: 2019-04-08)
  • ‘Allow members to invite external collaborators’ setting added to Organization Settings page.
  • Pull request reviews automatically update the merge button.
  • 2-up image diffs will now also display file size alongside the width and height data.
  • When hovering over the status of a commit in a pull request's timeline, the full details for that status are displayed in a popover.
  • When searching from a user profile page, users have the option to search by "this user".
  • Users can pre-fill values in the new Release form fields using URL query parameters.
  • Filtering files in a pull request by file type.
  • Bookmark any notification to move it into a prioritized list called Saved for Later.
  • When writing a comment with -1 or +1, GitHub suggests leaving a reaction.
  • Maintainers can add more template automation in the form of a default title, labels, and assignees.
  • When a user clicks the "Fork" button on a repository that has been already forked, the user's existing forks are listed.
  • Users can create and upload files to empty repositories.

Bug Fixes

  • The native browser tooltip overlaid the GitHub custom tooltip when a commit message contained Closes #issue text.
  • The repository selection radio button and dropdown selection could be hidden when installing a GitHub App.

Changes

  • Recent changes to a project board will be highlighted since a user's last visit.
  • When viewing recent activity on a personal dashboard, timestamps will include a deep link to the most recent comment.
  • The owner dropdown is highlighted first on the "Create a new repository" page.
  • The keyboard shortcuts help dialog modal has been redesigned.
  • Comments are only outdated when the line the comment is related to changes.
  • New installs of Enterprise Server will use GitHub's NTP server pool by default and the upgrade package will change old default servers to the new NTP pool.

Backups and Disaster Recovery

GitHub Enterprise Server 2.16 requires at least GitHub Enterprise Backup Utilities 2.16.0 for Backups and Disaster Recovery.

Upcoming deprecation of GitHub Enterprise Server 2.13

GitHub Enterprise Server 2.13 will be deprecated as of March 27, 2019. That means that no patch releases will be made, even for critical security issues, after this date. For better performance, improved security, and new features, upgrade to the newest version of GitHub Enterprise Server as soon as possible.

Upcoming deprecation of GitHub Services

Starting with GitHub Enterprise Server 2.17.0, support for GitHub Services will be deprecated and administrators will not be able to install or configure new GitHub Services. Existing GitHub Services from a previous version of GitHub Enterprise Server will continue to function but GitHub Enterprise Server will not be providing any security or bug fixes to the GitHub Services functionality. At this time, there will be no changes to the existing functionality, but a warning banner will be displayed with the deprecation announcement blog post. Administrators can see which repositories are using GitHub Services with ghe-legacy-github-services-report.

Deprecation of Internet Explorer 11 Support

Starting with GitHub Enterprise Server 2.16.0, Internet Explorer 11 is no longer a supported browser. See a current list of supported browsers on this page.

Known Issues

  • On a freshly set up GitHub Enterprise Server without any users, an attacker could create the first admin user.
  • Custom firewall rules aren't maintained during an upgrade.
  • svn checkout may time out while the repository data cache is being built. In most cases, subsequent svn checkout attempts will succeed.
  • Git LFS tracked files uploaded through the web interface are incorrectly added directly to the repository.
  • Stricter REST API validation has been prematurely enabled. As a result, API requests that previously succeeded may be rejected with a 422 Unprocessable Entity response. (updated 2019-02-01)
  • Issues cannot be closed if they contain a permalink to a blob in the same repository where the file path is longer than 255 characters. (updated 2019-03-07)
  • Some pull requests and issues are purged completely when restoring the repository right after deleting it. (updated 2019-03-19)
  • Resque workers may not be cleaned up following a configuration run, leading to a growing number of stale workers and, in turn, high memory consumption. (updated 2019-05-08)

Errata

  • The ability for repository administrators to transfer an issue to another repository is not included in GitHub Enterprise Server 2.16.0.

Thanks!

The GitHub Team