Security Fixes
- MEDIUM – Under certain circumstances, users who were removed from a team or organization could retain write access to branches they had existing pull requests opened for.
Bug Fixes
- Users were experiencing service unavailability after upgrading due to a mismatch of internal and external timeout values.
- References to the “Dependency graph” and “Dependabot alerts” features were shown on repositories where they were not enabled.
- HTTP POST requests to the
/hooksendpoint could fail with a 401 response due to thehookIDbeing set incorrectly.
The update will be applied Tuesday June 1 , 2021 at 5:00PM.
Some fixes have been omitted based on relevance to NC State’s instance of GitHub Enterprise. See the complete upgrade notes at GitHub Enterprise: https://docs.github.com/en/enterprise-server@3.0/admin/release-notes#3.0.8