2/17 Update: After installing Azure DevOps Server 2020.1.2 Patch 5 notifications were not getting delivered. To address this issue, we are re-releasing the patch. If you installed Patch 5, you should download and re-install the patch from the link provided in the instructions below.
This month, we are releasing fixes that impact our self-hosted product, Azure DevOps Server.
The following will be fixed with this patch:
- CVE-2023-21564: Azure DevOps Server Cross-Site Scripting Vulnerability
- CVE-2023-21553: Azure DevOps Server Remote Code Execution Vulnerability
- Updated MSBuild and VSBuild tasks to support Visual Studio 2022.
- Update methodology of loading reauthentication to prevent XSS attack vector.
- Azure DevOps Server 2022 Proxy reports the following error: VS800069: This service is only available in on-premises Azure DevOps.
- Fixed shelvesets accessibility issue via web UI.
Azure DevOps Server 2022 Patch 2
If you have Azure DevOps Server 2022, you should install Azure DevOps Server 2022 Patch 2. Check out the release notes for more details.
Verifying Installation
- Run
devops2022patch2.exe CheckInstall,devops2022patch2.exeis the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that it is not installed.
Azure DevOps Server 2020.1.2 Patch 5
If you have Azure DevOps Server 2020.1.1, you should first update to Azure DevOps Server 2020.1.2. Once on 2020.1.2, install Azure DevOps Server 2020.1.2 Patch 5. Check out the release notes for more details.
Verifying Installation
- Run
devops2020.1.2patch5.exe CheckInstall,devops2020.1.2patch5.exeis the file that is downloaded from the link above. The output of the command will either say that the patch has been installed, or that it is not installed.
Hello, today I was able to successfully update from azure devops server 2020.1.1 to 2020.1.2, but when I tried to run the devops2020.1.2.patch5.exe it tells me I don’t have sufficient privelages to run this tool. The account I’m logged in as is a member of the team foundation administrators group, and I was able to use the same account to update to 2020.1.2. Any ideas what permission I’m missing?
Thanks!
Hi,
I am trying to explore migrating to the cloud service. However, the Data Migration Tool (2020.1.2RTW_18.181.18965609) is not accepting my current version of 2020 Update 1.2 Patch 5 (18.181.33417.3) (no other patches were installed). It is looking for version 18.181.33213.4 which I can only guess is maybe Patch 4.
I tried to uninstall Patch 5 (https://learn.microsoft.com/en-us/azure/devops/server/install/uninstall-patch?view=azure-devops-2020). Now the Azure DevOps Server Administration Console now reports I have 18.181.32404.7 but when I try to install Patch 4 I get the following:
<code>
Update: Despite doing nothing as I was waiting for several days for a meeting with Microsoft Support, after trying the Migration Tool again, it ran with no complaints. No DevOps updates/patches were installed. No Windows updates were installed. Very bazaar. It would still be nice to know the answers to my questions as it may help others attempting this process.
Hi,
I have Azure DevOps Server 2020 Update 1.2 Patch 2. Do I need to install all previous patches before applying patch 5?
After installing the Patch 1.5 for AzureDevOps 2020 our server says that Version 18.181.33417.3 (Azure DevOps Server 2020 Update 1.2) is installed.
Could you please verify that this is the version expected after successful installation of patch 1.5.
Best Regards
Andreas
Hi Andreas, 18.181.33417.3 is the version after installing Azure DevOps Server 2020.1.2 Patch 5.
Thank you very much 🙂