Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-19231

jenkins 2019-04-10 security advisory

    Details

      Description

      Two CVEs were disclosed yesterday: https://jenkins.io/security/advisory/2019-04-10/

      • SECURITY-1289 / CVE-2019-1003049 isn't relevant as the remoting CLI is disabled
      • SECURITY-1327 / CVE-2019-1003050 doesn't have much information but it sounds as if it would require at least a url to be part of a job name.

        Attachments

          Issue Links

            Activity

            Hide
            jhoblitt Joshua Hoblitt added a comment -

            An update for this afternoon has been announced via c.l.o.:

            https://community.lsst.org/t/jenkins-maintenance-thursday-2019-04-11-1700-project-time/3658

            Show
            jhoblitt Joshua Hoblitt added a comment - An update for this afternoon has been announced via c.l.o.: https://community.lsst.org/t/jenkins-maintenance-thursday-2019-04-11-1700-project-time/3658
            Hide
            jhoblitt Joshua Hoblitt added a comment -

            The update has been successfully deployed.

            Show
            jhoblitt Joshua Hoblitt added a comment - The update has been successfully deployed.

              People

              • Assignee:
                jhoblitt Joshua Hoblitt
                Reporter:
                jhoblitt Joshua Hoblitt
                Watchers:
                Gabriele Comoretto, Joshua Hoblitt
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: