2/17 Update: After installing Azure DevOps Server 2020.1.2 Patch 5 notifications were not getting delivered. To address this issue, we are re-releasing the patch. If you installed Patch 5, you should download and re-install the patch from the link provided in the instructions below.
This month, we are releasing fixes that impact our self-hosted product, Azure DevOps Server.
The following will be fixed with this patch:
- CVE-2023-21564: Azure DevOps Server Cross-Site Scripting Vulnerability
- CVE-2023-21553: Azure DevOps Server Remote Code Execution Vulnerability
- Updated MSBuild and VSBuild tasks to support Visual Studio 2022.
- Update methodology of loading reauthentication to prevent XSS attack vector.
- Azure DevOps Server 2022 Proxy reports the following error: VS800069: This service is only available in on-premises Azure DevOps.
- Fixed shelvesets accessibility issue via web UI.
Azure DevOps Server 2022 Patch 2
If you have Azure DevOps Server 2022, you should install Azure DevOps Server 2022 Patch 2. Check out the release notes for more details.
Verifying Installation
- Run
devops2022patch2.exe CheckInstall,devops2022patch2.exeis the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that it is not installed.
Azure DevOps Server 2020.1.2 Patch 5
If you have Azure DevOps Server 2020.1.1, you should first update to Azure DevOps Server 2020.1.2. Once on 2020.1.2, install Azure DevOps Server 2020.1.2 Patch 5. Check out the release notes for more details.
Verifying Installation
- Run
devops2020.1.2patch5.exe CheckInstall,devops2020.1.2patch5.exeis the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that it is not installed.
Hello, today I was able to successfully update from azure devops server 2020.1.1 to 2020.1.2, but when I tried to run the devops2020.1.2.patch5.exe it tells me I don’t have sufficient privelages to run this tool. The account I’m logged in as is a member of the team foundation administrators group, and I was able to use the same account to update to 2020.1.2. Any ideas what permission I’m missing?
Thanks!
Hi,
I am trying to explore migrating to the cloud service. However, the Data Migration Tool (2020.1.2RTW_18.181.18965609) is not accepting my current version of 2020 Update 1.2 Patch 5 (18.181.33417.3) (no other patches were installed). It is looking for version 18.181.33213.4 which I can only guess is maybe Patch 4.
I tried to uninstall Patch 5 (https://learn.microsoft.com/en-us/azure/devops/server/install/uninstall-patch?view=azure-devops-2020). Now the Azure DevOps Server Administration Console now reports I have 18.181.32404.7 but when I try to install Patch 4 I get the following:
<code>
Update: Despite doing nothing as I was waiting for several days for a meeting with Microsoft Support, after trying the Migration Tool again, it ran with no complaints. No DevOps updates/patches were installed. No Windows updates were installed. Very bazaar. It would still be nice to know the answers to my questions as it may help others attempting this process.
Hi,
I have Azure DevOps Server 2020 Update 1.2 Patch 2. Do I need to install all previous patches before applying patch 5?
After installing the Patch 1.5 for AzureDevOps 2020 our server says that Version 18.181.33417.3 (Azure DevOps Server 2020 Update 1.2) is installed.
Could you please verify that this is the version expected after successful installation of patch 1.5.
Best Regards
Andreas
Hi Andreas, 18.181.33417.3 is the version after installing Azure DevOps Server 2020.1.2 Patch 5.
Thank you very much 🙂
Just to be on the save side: I plan to do a fresh installation of Azure DevOps Server 2020.1.2 via ISO-Download. Is patch 5 cumulative or do I have to install all previous patches before patch 5?
Hi Raphael, patches are cumulative. You should install Azure DevOps Server 2020.1.2 Patch 5 after the fresh install of Azure DevOps Server 2020.1.2.
After applying the patch on AzDO 2020.1.2, classic pipeline still shows only MSbuild 16.0/Visual Studio 2019
Thank you, Markus, Daniel, and Alexander, for your feedback. It makes sense to specify in the blog post the changes that are applicable to each version of the product.
@Markus,
what are you expecting ? Visual Studio 2022 ?
support for VS 2022 is only added in AzureDevOps Server 2022 Patch 2 but not in 2020.1.2.
if you need VS 2022 support with AzDO 2020.1.2 than you can install Visual Studio 2022 support by Jesse from marketplace https://marketplace.visualstudio.com/items?itemName=jessehouwing.visualstudio and later switch back to standard task with VS2022 support after upgrading to AzDO 2022.
we’re currently using it and it works except that it is annoying to replace all the tasks which are using Visual Studio or VS Test.
Ok, then the description is misleading
BTW, the description also doesn’t mention that the build agent version will be updated (Which makes sense for supporting VS2022, which according to your statement is not the case 🤔)
I totally agree with Markus, so the blog reads like the changes are included in both patches, also Updated MSBuild and VSBuild tasks to support Visual Studio 2022. That could be improved.
the content of the blog is could be misleading.
You need to read the release notes for both patch and than you get that updated tasks for VS2022 are only included in Azure DevOps Server 2022 patch 2
After installing the patch (patching from plain 2020.1.2 to 2020.1.2 patch 5) on our instance it didnt send any mail notifications (pull requests, approval, comment mentions). Mail test from Console was successful but event log showed many errors (I removed some personal information)
Application Domain: TfsJobAgent.exe
Assembly: Microsoft.TeamFoundation.Framework.Server, Version=18.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a; v4.0.30319
Service Host: XXXXXXX (DefaultCollection)
Process Details:
Process Name: TfsJobAgent
Account name: XXXX
Detailed Message: TF400703: Unable to initialize the specified service Microsoft.TeamFoundation.Framework.Server.SmtpSettingsService.
Exception Message: TF400367: The request could not be performed due to a host type mismatch. Please check any connection information and verify the information is...
Thank you all for reporting this issue. We have re-released the patch and it is ready for you to install from the links provided in this blog.
I can confirm that the re-released patch for 2020 fixes the reported issue.
So this did not impact 2022 Patch 2?
Correct, it didn’t impact Azure DevOps Server 2022 Patch 2.
Daniel, they are both the same.
Gloridel,
what is the difference of Azure DevOps Server 2022 Patch2 version 19.205.33402.2 released on Feb 15 compared to the download from Azure DevOps Server 2022 Patch2 version 18.181.32404.7 downloaded Feb 22 ?
the same 2022 Patch 2 with two different version numbers is confusing especially as the old list of Azure DevOps Server build numbers is no longer updated with official released Azure DevOps Server patches.
this comment has been deleted.
this comment has been deleted.
this comment has been deleted.
Hello,
thanks for reporting this issue. We addressed it and will re-release the patch very soon.
Customers who already install Patch 5 for Azure DevOps Server 2020.1.2, will need to download updated patch and re-install it.
Sorry for the inconvinience it caused. We will reply to this thread once updated patch is available.
Regards,
–Vladimir
Hi Michael, I forwarded your message to our team for investigation.
FWIW, I can confirm the exact same behavior identified by Michael Hauer after I applied Patch 5. Besides test emails generated from the console, no other alerts are working.
sdfd
I also made a Developer Community report
I am interested in where this ends. We would not like to update if it results in no notification mails.
Hi!
We’re missing Updates to Azure File Copy task and Repository as protected resource features in our installation of Azure DevOps Server 2022 v19.205.33122.1.
https://developercommunity.visualstudio.com/t/Azure-File-Copy-task-v5-missing-in-Azure/10275323?viewtype=all
https://developercommunity.visualstudio.com/t/Feature-Add-protection-to-repository-re/10275298
When will these be available?
Link to the developer community report of the proxy issue:
https://developercommunity.visualstudio.com/t/Proxy-upgrade-to-2022-breaks-its-functio/10264792
LGTM. I had installes the 2022.patch1 and 2022.patch2 on my lab server. After install both patch file, I reopened the azuredevops manager console, and the version number is still Server2022, not showinng the patch number. How can I make sure the patch was already installed completely?
Hi Quintos, did you try the verification steps listed in the blog post? You can also check the version of the following file:
Azure DevOps Server 2022 is installed to c:\Program Files\Azure DevOps Server 2022 by default. After installing Azure DevOps Server 2022 Patch 2, the version will be 19.205.33402.2.
@Gloridel
after running a fresh installation of Azure DevOps Server 2020.1 and upgrading it with the various patches til Azure DevOps Server 2022 Patch 2 the file Microsft.TeamFoundation.Framework.Server.dll is found in folder “Application Tier\Web Services\bin” and not in “Application Tier\bin” as you wrote.
In addition various files including “Application Tier\bin\Microsoft.TeamFoundation.Framework.Server.dll” from Azure DevOps Server 2020 installation are not uninstalled.
Thanks. It works. And if I reinstall the patch2.exe, it will show current installed patch version .