Apply fixes for Jenkins Security Advisory 2018-02-26
General
Additional Info
General
Additional Info
Description
Activity
Show:

Former user March 7, 2018 at 1:11 AM
Updates applied to production.
Things to note:
1) typo identified in JAVA_OPTS that cause service failures. Fixed here: https://gerrit.ovirt.org/#/c/88563/
2) foreman's puppetmaster certificate will expire in a few months:
Warning: Certificate 'Puppet CA: foreman.ovirt.org' will expire on 2018-05-05T19:41:35UTC
3) noted that standard-enqueue sometimes takes minutes to run due to dnf slowness on global_setup part - - for example build #10983 - we should optimize this somehow, maybe move this to containers?

Former user February 26, 2018 at 5:34 PM
Plugins updated on Staging, patch sent for review. We'll need to verify if any mitigation steps are required for the EnvInject plugin misbehavior:
https://jenkins.io/security/advisory/2018-02-26/#SECURITY-248
Done
Details
Details
Assignee

Reporter

Priority
Created February 26, 2018 at 5:18 PM
Updated April 1, 2018 at 12:31 PM
Resolved March 7, 2018 at 1:11 AM
There's a new security advisory out fixing security issues in plugins we use:
https://jenkins.io/security/advisory/2018-02-26/
We need to apply it to our Jenkins