GitHub Upgrade – 3.7.3-3.7.4

On Tuesday, January 17th at 5PM EST, the GitHub Service Team will upgrade the GitHub Enterprise service to version 3.7.3. This is a fairly minor upgrade and consists primarily of security and bug fixes. Downtime for the service is expected to last no longer than an hour. Any change to that timeline will be shared on the Service Portal.

If you have any questions or concerns, please contact the GitHub Service Team at github@help.ncsu.edu.

Security Fixes

  • HIGH: Updated Git to include fixes from 2.39.1, which address CVE-2022-41903 and CVE-2022-23521.
  • Dependencies for the CodeQL action have been updated to the latest security versions.
  • Packages have been updated to the latest security versions.

Big fixes

  • Dependabot Alert emails would be sent to disabled repositories.