With this patch cycle, we are releasing fixes that impact our self-hosted product, Azure DevOps Server, as well as Team Foundation Server 2018.3.2. Please see the release notes for additional installation instructions.
The following will be fixed with this patch:
Upgraded search plugins to use log4j core version 2.17.1.
2/23 Update: If Azure DevOps Server/TFS and Elasticsearch are installed on different machines, follow the steps outlined below.
-
Upgrade the server with the latest patch.
-
Check the registry value at HKLM:\Software\Elasticsearch\Version on the ElasticSearch server machine. Update the registry value to 5.4.1, this value is irrespective if you have higher version of ElasticSearch. If the registry value is not there, add a string value and set the Version to 5.4.1 (Name = Version, Value = 5.4.1). You will have to reindex the collection after the patch if there was no registry value.
-
Copy the content of the folder named zip, located on C:\Program Files{TFS Version Folder}\Search\zip to the Elasticsearch remote file folder.
-
Run Configure-TFSSearch.ps1 -Operation update on the Elasticsearch server machine.
2/17 Update: Do not update Log4 jar file manually to 2.17.1, this is unsupported and will cause Elasticsearch to not work properly or break.
2/8 Update: The addition of the plugins upgrading to 2.17.1 was incorrect and we apologize for the confusion that this caused. Currently, using Configure-TFS is the only supported means to update Elasticsearch. We are in the process of validating the patches on a more comprehensive configuration matrix including installation of Elasticsearch on a separate machine and will update the release notes and/or patches in the next few days.
- Addressed Elasticsearch vulnerability by removing the jndilookup class from log4j binaries.
- Email notifications were not sent when using the @mention control in a work item.
- Preferred email address was not getting updated in user profile.
- Header was not shown in the Project Summary page.
- Improvement to Active Directory user sync.
Azure DevOps Server 2020.1.1 Patch 4
If you have Azure DevOps Server 2020.1.1, you should install Azure DevOps Server 2020.1.1 Patch 4. Check out the release notes for more details.
Verifying Installation
-
Option 1: Run
devops2020.1.1patch4.exe CheckInstall, devops2020.1.1patch4.exe is the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that is not installed. -
Option 2: Check the version of the following file:
[INSTALL_DIR]\Azure DevOps Server 2020\Application Tier\bin\Microsoft.Teamfoundation.Framework.Server.dll. Azure DevOps Server 2020.1.1 is installed toc:\Program Files\Azure DevOps Server 2020by default. After installing Azure DevOps Server 2020.1.1 Patch 4, the version will be 18.181.32118.5.
Azure DevOps Server 2020.0.1 Patch 9
If you have Azure DevOps Server 2020.0.1, you should install Azure DevOps Server 2020.0.1 Patch 9. Check out the release notes for more details.
Verifying Installation
-
Option 1: Run
devops2020.0.1patch9.exe CheckInstall, devops2020.0.1patch9.exe is the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that is not installed. -
Option 2: Check the version of the following file:
[INSTALL_DIR]\Azure DevOps Server 2020\Application Tier\bin\Microsoft.Teamfoundation.Framework.Server.dll. Azure DevOps Server 2020.0.1 is installed toc:\Program Files\Azure DevOps Server 2020by default. After installing Azure DevOps Server 2020.0.1 Patch 9, the version will be 18.17032118.4.
Azure DevOps Server 2019.1.1 Patch 13
If you have Azure DevOps Server 2019 Update 1.1, you should install Azure DevOps Server 2019 Update 1.1 Patch 13. Check out the release notes for more details
Verifying Installation
-
Option 1: Run
devops2019.1.1patch13.exe CheckInstall.devops2019.1.1patch13.exeis the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that is not installed. -
Option 2: Check the version of the following file:
[INSTALL_DIR]\Azure DevOps Server 2019\Application Tier\Web Services\bin\Microsoft.VisualStudio.Services.Feed.Server.dll. Azure DevOps Server 2019 is installed toc:\Program Files\Azure DevOps Server 2019by default. After installing Azure DevOps Server 2019.1.1 Patch 13, the version will be 17.153.32118.3.
Azure DevOps Server 2019.0.1 Patch 12
If you have Azure DevOps Server 2019, you should first update to Azure DevOps Server 2019.0.1. Once on 2019.0.1, install Azure DevOps Server 2019.0.1 Patch 12. Check out the release notes for more details.
Verifying Installation
-
Option 1: Run
devops2019.0.1patch12.exe CheckInstall.devops2019.1.1patch12.exeis the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that is not installed. -
Option 2: Check the version of the following file:
[INSTALL_DIR]\Azure DevOps Server 2019\Application Tier\Web Services\bin\Microsoft.VisualStudio.Services.Feed.Server.dll. Azure DevOps Server 2019 is installed toc:\Program Files\Azure DevOps Server 2019by default. After installing Azure DevOps Server 2019.0.1 Patch 12, the version will be 17.143.32118.2.
TFS 2018 Update 3.2 Patch 16
If you have TFS 2018 Update 2 or Update 3, you should first update to TFS 2018 Update 3.2. Once on Update 3.2, install TFS 2018 Update 3.2 Patch 16. Check out the release notes for more details
Verifying Installation
-
Option 1: Run
tfs2018.3.2patch16.exe CheckInstall, tfs2018.3.2patch16.exe is the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that is not installed. -
Option 2: Check the version of the following file:
[TFS_INSTALL_DIR]\Application Tier\Web Services\bin\Microsoft.TeamFoundation.WorkItemTracking.Web.dll. TFS 2018 is installed toc:\Program Files\Microsoft Team Foundation Server 2018by default. After installing TFS 2018 Update 3.2 Patch 16, the version will be 16.131.32118.1.
Last updated: 2/23/2022 @ 6:25 pm PST
45 comments