Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-19232

TSSW jenkins 2019-04-10 security advisory

    Details

      Description

      Two CVEs were disclosed yesterday: https://jenkins.io/security/advisory/2019-04-10/

      • SECURITY-1289 / CVE-2019-1003049 isn't relevant as the remoting CLI is disabled
      • SECURITY-1327 / CVE-2019-1003050 doesn't have much information but it sounds as if it would require at least a url to be part of a job name.

        Attachments

          Issue Links

            Activity

            Hide
            jhoblitt Joshua Hoblitt added a comment -

            The update has been announced for this afternoon on the slack #ts-software channel:

            @here A security update for  https://ts-ci.lsst.codes needs to be deployed.  I apologize for the short notice -- I am planning to roll it out this afternoon at ~1700 local/project time.  The disruption is only expected to be a few minutes.
            

            Show
            jhoblitt Joshua Hoblitt added a comment - The update has been announced for this afternoon on the slack #ts-software channel: @here A security update for https: //ts-ci.lsst.codes needs to be deployed. I apologize for the short notice -- I am planning to roll it out this afternoon at ~1700 local/project time. The disruption is only expected to be a few minutes.
            Hide
            jhoblitt Joshua Hoblitt added a comment -

            The core update has been successfully deployed.

            Show
            jhoblitt Joshua Hoblitt added a comment - The core update has been successfully deployed.

              People

              • Assignee:
                jhoblitt Joshua Hoblitt
                Reporter:
                jhoblitt Joshua Hoblitt
                Watchers:
                Andy Clements, Joshua Hoblitt, Rob Bovill
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: