jenkins remote code execution vulnerability: CLI has been disabled on ovirt jenkins until further notice
Max Kovgan
mkovgan at redhat.com
Sun Nov 8 09:25:24 UTC 2015
hi all.
Sorry for the late response, but following the discovered vulnerability [1],
the CLI service on jenkins.ovirt.org has been disabled until further notice.
We're probably breaking someone's automation, sorry for that.
Please contact this list with specific problems, we can help to mitigate.
Future Infra owners: please be attentive to the fix availability.
Best Regards,
Infra Team.
P.S.
Sagi Shnaidman, thanks!
References:
[1]
https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli
--
Max Kovgan
Senior Software Engineer
Red Hat - EMEA ENG Virtualization R&D
Tel.: +972 9769 2060
Email: mkovgan [at] redhat [dot] com
Web: http://www.redhat.com
RHT Global #: 82-72060
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/infra/attachments/20151108/4ba20e42/attachment.html>
More information about the Infra
mailing list