From 9490533fcb7b7d5c16f8fea082a06ee66dd5db8f Mon Sep 17 00:00:00 2001 From: Devin Dooley Date: Tue, 15 Nov 2022 16:12:23 -0800 Subject: [PATCH] Revert "Security#5415 changelog additions" (#32646) --- data/release-notes/enterprise-server/3-3/16.yml | 6 ------ data/release-notes/enterprise-server/3-4/11.yml | 6 ------ data/release-notes/enterprise-server/3-5/8.yml | 6 ------ data/release-notes/enterprise-server/3-6/4.yml | 6 ------ 4 files changed, 24 deletions(-) delete mode 100644 data/release-notes/enterprise-server/3-3/16.yml delete mode 100644 data/release-notes/enterprise-server/3-4/11.yml delete mode 100644 data/release-notes/enterprise-server/3-5/8.yml delete mode 100644 data/release-notes/enterprise-server/3-6/4.yml diff --git a/data/release-notes/enterprise-server/3-3/16.yml b/data/release-notes/enterprise-server/3-3/16.yml deleted file mode 100644 index 86d2f89bed48..000000000000 --- a/data/release-notes/enterprise-server/3-3/16.yml +++ /dev/null @@ -1,6 +0,0 @@ -date: '2022-12-06' - -sections: - security_fixes: - - | - **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870). diff --git a/data/release-notes/enterprise-server/3-4/11.yml b/data/release-notes/enterprise-server/3-4/11.yml deleted file mode 100644 index 86d2f89bed48..000000000000 --- a/data/release-notes/enterprise-server/3-4/11.yml +++ /dev/null @@ -1,6 +0,0 @@ -date: '2022-12-06' - -sections: - security_fixes: - - | - **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870). diff --git a/data/release-notes/enterprise-server/3-5/8.yml b/data/release-notes/enterprise-server/3-5/8.yml deleted file mode 100644 index 86d2f89bed48..000000000000 --- a/data/release-notes/enterprise-server/3-5/8.yml +++ /dev/null @@ -1,6 +0,0 @@ -date: '2022-12-06' - -sections: - security_fixes: - - | - **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870). diff --git a/data/release-notes/enterprise-server/3-6/4.yml b/data/release-notes/enterprise-server/3-6/4.yml deleted file mode 100644 index 86d2f89bed48..000000000000 --- a/data/release-notes/enterprise-server/3-6/4.yml +++ /dev/null @@ -1,6 +0,0 @@ -date: '2022-12-06' - -sections: - security_fixes: - - | - **HIGH**: Added an extra check to harden against a path traversal bug that could lead to remote code execution in GitHub Pages builds on GitHub Enterprise Server. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This bug was originally reported via GitHub's Bug Bounty program and assigned [CVE-2021-22870](https://nvd.nist.gov/vuln/detail/CVE-2021-22870).