February 14th, 2023
heart1 reaction

Updated: February patches for Azure DevOps Server

Senior Technical Program Manager

2/17 Update: After installing Azure DevOps Server 2020.1.2 Patch 5 notifications were not getting delivered. To address this issue, we are re-releasing the patch. If you installed Patch 5, you should download and re-install the patch from the link provided in the instructions below.

This month, we are releasing fixes that impact our self-hosted product, Azure DevOps Server.

The following will be fixed with this patch:

  • CVE-2023-21564: Azure DevOps Server Cross-Site Scripting Vulnerability
  • CVE-2023-21553: Azure DevOps Server Remote Code Execution Vulnerability
  • Updated MSBuild and VSBuild tasks to support Visual Studio 2022.
  • Update methodology of loading reauthentication to prevent XSS attack vector.
  • Azure DevOps Server 2022 Proxy reports the following error: VS800069: This service is only available in on-premises Azure DevOps.
  • Fixed shelvesets accessibility issue via web UI.

Azure DevOps Server 2022 Patch 2

If you have Azure DevOps Server 2022, you should install Azure DevOps Server 2022 Patch 2. Check out the release notes for more details.

Verifying Installation

  • Run devops2022patch2.exe CheckInstall, devops2022patch2.exe is the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that it is not installed.

Azure DevOps Server 2020.1.2 Patch 5

If you have Azure DevOps Server 2020.1.1, you should first update to Azure DevOps Server 2020.1.2. Once on 2020.1.2, install Azure DevOps Server 2020.1.2 Patch 5. Check out the release notes for more details.

Verifying Installation

  • Run devops2020.1.2patch5.exe CheckInstall, devops2020.1.2patch5.exe is the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that it is not installed.

Author

Gloridel Morales
Senior Technical Program Manager

Gloridel is a Senior Technical Program Manager on the Azure DevOps team.

40 comments

Discussion is closed. Login to edit/delete existing comments.

Sort by :
  • Bruno, John

    Hello, today I was able to successfully update from azure devops server 2020.1.1 to 2020.1.2, but when I tried to run the devops2020.1.2.patch5.exe it tells me I don’t have sufficient privelages to run this tool. The account I’m logged in as is a member of the team foundation administrators group, and I was able to use the same account to update to 2020.1.2. Any ideas what permission I’m missing?

    Thanks!

  • Patrick Sheldon

    Hi,

    I am trying to explore migrating to the cloud service. However, the Data Migration Tool (2020.1.2RTW_18.181.18965609) is not accepting my current version of 2020 Update 1.2 Patch 5 (18.181.33417.3) (no other patches were installed). It is looking for version 18.181.33213.4 which I can only guess is maybe Patch 4.

    I tried to uninstall Patch 5 (https://learn.microsoft.com/en-us/azure/devops/server/install/uninstall-patch?view=azure-devops-2020). Now the Azure DevOps Server Administration Console now reports I have 18.181.32404.7 but when I try to install Patch 4 I get the following:

    <code>

    Read more
    • Patrick Sheldon · Edited

      Update: Despite doing nothing as I was waiting for several days for a meeting with Microsoft Support, after trying the Migration Tool again, it ran with no complaints. No DevOps updates/patches were installed. No Windows updates were installed. Very bazaar. It would still be nice to know the answers to my questions as it may help others attempting this process.

  • PaweÅ‚ Borkowski · Edited

    Hi,

    I have Azure DevOps Server 2020 Update 1.2 Patch 2. Do I need to install all previous patches before applying patch 5?

  • andreas-nitsch

    After installing the Patch 1.5 for AzureDevOps 2020 our server says that Version 18.181.33417.3 (Azure DevOps Server 2020 Update 1.2) is installed.

    Could you please verify that this is the version expected after successful installation of patch 1.5.

    Best Regards

    Andreas

    • Gloridel MoralesMicrosoft employee Author

      Hi Andreas, 18.181.33417.3 is the version after installing Azure DevOps Server 2020.1.2 Patch 5.

      • andreas-nitsch

        Thank you very much 🙂