GitHub Upgrade – 2.19.3/2.19.4

The 2.19.3 update is a small update, fixing a few bugs and applying OS package upgrades.

We will also be applying the 2.19.4 update, which patches a medium risk security vulnerability.

Security Fixes

  • An attacker could push a malicious GitHub Pages branch with overlapping submodule names, possibly leading to remote code execution within the GitHub Pages build container. To exploit this vulnerability, an attacker would need permission to create a branch within a repository on the GitHub Enterprise Server instance. CVE-2019-1387

Notable Bug Fixes

  • Commit messages containing links were not clickable or properly rendered in blame view.

We will be applying the patch at 5:00 PM EST on Dec 20th.