language:LANGUAGE `fork:true` | [**android language:java fork:true**](https://github.com/search?q=android+language%3Ajava+fork%3Atrue&type=Code) matches code with the word "android" that's written in Java, in both forks and regular repositories.
| `fork:only` | [**github fork:only**](https://github.com/search?q=github+fork%3Aonly&type=Repositories) matches all fork repositories containing the word "github."
| forks:>n `fork:only` | [**forks:>500 fork:only**](https://github.com/search?q=forks%3A%3E500+fork%3Aonly&type=Repositories) matches repositories with more than 500 forks, and only returns those that are forks.
+## Code search
+
+{% data variables.product.github %} code search uses `is:fork` instead of `fork:true` to include forked repositories in code search results. To exclude forks, use `NOT is:fork`.{% ifversion code-search-upgrade %} For more information, see [AUTOTITLE](/search-github/github-code-search/understanding-github-code-search-syntax).{% endif %}
+
+| Qualifier | Example
+| ------------- | -------------
+| `is:fork` | [**android language:java is:fork**](https://github.com/search?q=android+language%3Ajava+is%3Afork&type=code) matches code with the word "android" that's written in Java, in forked repositories.
+| `NOT is:fork` | [**android language:java NOT is:fork**](https://github.com/search?q=android+language%3Ajava+NOT+is%3Afork&type=code) matches code with the word "android" that's written in Java, excluding forked repositories.
+
## Further reading
* [AUTOTITLE](/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks)
diff --git a/content/support/contacting-github-support/creating-a-support-ticket.md b/content/support/contacting-github-support/creating-a-support-ticket.md
index cec6f6ea329c..6b7968e7552b 100644
--- a/content/support/contacting-github-support/creating-a-support-ticket.md
+++ b/content/support/contacting-github-support/creating-a-support-ticket.md
@@ -59,6 +59,7 @@ After you create your ticket, you can view your ticket and the responses from {%
* Copy exact wording of all error messages related to your issue.
* Determine if there is an existing ticket number in any ongoing communications with {% data variables.contact.github_support %}.
* Include relevant logs and attach any screenshots that demonstrate the issue.
+ * When providing screenshots, ensure the full URL is visible in the address bar. This helps {% data variables.contact.github_support %} locate the relevant information more quickly. Be sure to redact any sensitive information.
{% ifversion ghes %}
diff --git a/data/release-notes/enterprise-server/3-14/24.yml b/data/release-notes/enterprise-server/3-14/24.yml
index 8e1c230dfdb8..0f5edaeea49e 100644
--- a/data/release-notes/enterprise-server/3-14/24.yml
+++ b/data/release-notes/enterprise-server/3-14/24.yml
@@ -1,4 +1,10 @@
date: '2026-03-10'
+intro: |
+ {% warning %}
+
+ **Warning**: {% data variables.product.prodname_ghe_server %} 3.14.24 has been unpublished due to mismatched Git versions between containers. Please use the most recent available patch release of 3.14. [Updated: 2026-03-13]
+
+ {% endwarning %}
sections:
security_fixes:
- |
@@ -22,6 +28,8 @@ sections:
- |
To improve performance on large instances, HAProxy automatically scales its thread count based on available CPUs and uses higher connection limits for high-traffic backend services including GitHub Actions, database connections, job queues, and package registry. Administrators can override the thread count using `ghe-config haproxy-nbthread` if needed.
known_issues:
+ - |
+ The Git version included in the release did not match the version used by the gitrpcd service due to incorrect version determination during the build process. [Updated: 2026-03-13]
- |
During the validation phase of a configuration run, a `No such object` error may occur for the Notebook and Viewscreen services. This error can be ignored as the services should still correctly start.
- |
diff --git a/data/release-notes/enterprise-server/3-14/25.yml b/data/release-notes/enterprise-server/3-14/25.yml
new file mode 100644
index 000000000000..38f753238c2a
--- /dev/null
+++ b/data/release-notes/enterprise-server/3-14/25.yml
@@ -0,0 +1,60 @@
+date: '2026-03-12'
+sections:
+ security_fixes:
+ - |
+ **HIGH**: An attacker with push access to a repository could execute arbitrary code on the instance by injecting malicious values into Git push options. The push options were not properly sanitized before being included in internal headers used for Git operations, allowing the attacker to override internal metadata fields and achieve remote code execution. GitHub has requested CVE ID [CVE-2026-3854](https://www.cve.org/cverecord?id=CVE-2026-3854) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/).
+ - |
+ **MEDIUM**: An attacker with read access to a repository and write access to a project could bypass repository write permissions to modify issue and pull request labels, assignees, and other metadata by adding duplicate items to the project. GitHub has requested CVE ID [CVE-2026-3306](https://www.cve.org/cverecord?id=CVE-2026-3306) for this vulnerability, which was reported via the [GitHub Bug Bounty program](https://bounty.github.com/).
+ bugs:
+ - |
+ The Git version included in the release did not match the version used by the gitrpcd service due to incorrect version determination during the build process.
+ - |
+ Users experienced delays or failures when performing Git operations over HTTP. The operations could hang indefinitely due to a deadlock in the babeld service.
+ - |
+ When administrators applied configuration changes via the Management Console, the state shown would occasionally briefly flicker to a failure before being marked as successful causing confusion as to whether the configuration had succeeded.
+ - |
+ After an upgrade, `ghe-config-apply` could fail to remove some pre-upgrade Docker images and report `Error response from daemon: conflict: unable to delete Member User was added to Union type BypassActor