From jira at ovirt-jira.atlassian.net Fri Oct 13 09:37:05 2017 Content-Type: multipart/mixed; boundary="===============6189823524380509578==" MIME-Version: 1.0 From: Evgheni Dereveanchin (oVirt JIRA) To: infra at ovirt.org Subject: [JIRA] (OVIRT-1695) Apply fixes for Jenkins Security Advisory 2017-10-11 Date: Fri, 13 Oct 2017 09:35:56 +0000 Message-ID: In-Reply-To: JIRA.33221.1507887354000@Atlassian.JIRA --===============6189823524380509578== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable This is a multi-part message in MIME format... ------------=3D_1507887355-22885-252 Content-Type: text/plain; charset=3DUTF-8 Content-Transfer-Encoding: 7bit Evgheni Dereveanchin created OVIRT-1695: ------------------------------------------- Summary: Apply fixes for Jenkins Security Advisory 2017-10-11 Key: OVIRT-1695 URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1695 Project: oVirt - virtualization made easy Issue Type: Bug Reporter: Evgheni Dereveanchin Assignee: infra Priority: High A new security advisory was published for Jenkins that uncovers several iss= ues: https://jenkins.io/security/advisory/2017-10-11/ To close the security gap, the following actions must be taken: * update Jenkins core to 2.73.2+ * update Swarm Plugin to 3.5+ -- This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100065) ------------=3D_1507887355-22885-252 Content-Type: text/html; charset=3D"UTF-8" Content-Disposition: inline Content-Transfer-Encoding: 7bit

Evgheni Dereveanchin created OVIRT-1695:

   Summary: Apply fixes for Jenkins Security Advisory 2017-10-11
       Key: OVIRT-1695
       URL: https://ovirt-jira.atlassian.net/browse/OVIRT-1695
   Project: oVirt - virtualization made easy
Issue Type: Bug
  Reporter: Evgheni Dereveanchin
  Assignee: infra
  Priority: High

A new security advisory was published for Jenkins that uncovers several = issues: https:= //jenkins.io/security/advisory/2017-10-11/

To close the security gap, the following actions must be taken:

— This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#1000= 65)

3D"" ------------=3D_1507887355-22885-252-- --===============6189823524380509578== Content-Type: multipart/alternative MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="attachment.bin" VGhpcyBpcyBhIG11bHRpLXBhcnQgbWVzc2FnZSBpbiBNSU1FIGZvcm1hdC4uLgoKLS0tLS0tLS0t LS0tPV8xNTA3ODg3MzU1LTIyODg1LTI1MgpDb250ZW50LVR5cGU6IHRleHQvcGxhaW47IGNoYXJz ZXQ9VVRGLTgKQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZzogN2JpdAoKRXZnaGVuaSBEZXJldmVh bmNoaW4gY3JlYXRlZCBPVklSVC0xNjk1OgotLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tCgogICAgICAgICAgICAgU3VtbWFyeTogQXBwbHkgZml4ZXMgZm9yIEplbmtp bnMgU2VjdXJpdHkgQWR2aXNvcnkgMjAxNy0xMC0xMQogICAgICAgICAgICAgICAgIEtleTogT1ZJ UlQtMTY5NQogICAgICAgICAgICAgICAgIFVSTDogaHR0cHM6Ly9vdmlydC1qaXJhLmF0bGFzc2lh bi5uZXQvYnJvd3NlL09WSVJULTE2OTUKICAgICAgICAgICAgIFByb2plY3Q6IG9WaXJ0IC0gdmly dHVhbGl6YXRpb24gbWFkZSBlYXN5CiAgICAgICAgICBJc3N1ZSBUeXBlOiBCdWcKICAgICAgICAg ICAgUmVwb3J0ZXI6IEV2Z2hlbmkgRGVyZXZlYW5jaGluCiAgICAgICAgICAgIEFzc2lnbmVlOiBp bmZyYQogICAgICAgICAgICBQcmlvcml0eTogSGlnaAoKCkEgbmV3IHNlY3VyaXR5IGFkdmlzb3J5 IHdhcyBwdWJsaXNoZWQgZm9yIEplbmtpbnMgdGhhdCB1bmNvdmVycyBzZXZlcmFsIGlzc3VlczoK aHR0cHM6Ly9qZW5raW5zLmlvL3NlY3VyaXR5L2Fkdmlzb3J5LzIwMTctMTAtMTEvCgpUbyBjbG9z ZSB0aGUgc2VjdXJpdHkgZ2FwLCB0aGUgZm9sbG93aW5nIGFjdGlvbnMgbXVzdCBiZSB0YWtlbjoK KiB1cGRhdGUgSmVua2lucyBjb3JlIHRvIDIuNzMuMisKKiB1cGRhdGUgU3dhcm0gUGx1Z2luIHRv IDMuNSsKCgoKLS0KVGhpcyBtZXNzYWdlIHdhcyBzZW50IGJ5IEF0bGFzc2lhbiBKaXJhCih2MTAw MS4wLjAtU05BUFNIT1QjMTAwMDY1KQoKLS0tLS0tLS0tLS0tPV8xNTA3ODg3MzU1LTIyODg1LTI1 MgpDb250ZW50LVR5cGU6IHRleHQvaHRtbDsgY2hhcnNldD0iVVRGLTgiCkNvbnRlbnQtRGlzcG9z aXRpb246IGlubGluZQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiA3Yml0Cgo8aHRtbD48Ym9k eT4KPGgzPkV2Z2hlbmkgRGVyZXZlYW5jaGluIGNyZWF0ZWQgT1ZJUlQtMTY5NTo8L2gzPgo8cHJl PiAgIFN1bW1hcnk6IEFwcGx5IGZpeGVzIGZvciBKZW5raW5zIFNlY3VyaXR5IEFkdmlzb3J5IDIw MTctMTAtMTEKICAgICAgIEtleTogT1ZJUlQtMTY5NQogICAgICAgVVJMOiBodHRwczovL292aXJ0 LWppcmEuYXRsYXNzaWFuLm5ldC9icm93c2UvT1ZJUlQtMTY5NQogICBQcm9qZWN0OiBvVmlydCAt IHZpcnR1YWxpemF0aW9uIG1hZGUgZWFzeQpJc3N1ZSBUeXBlOiBCdWcKICBSZXBvcnRlcjogRXZn aGVuaSBEZXJldmVhbmNoaW4KICBBc3NpZ25lZTogaW5mcmEKICBQcmlvcml0eTogSGlnaDwvcHJl Pgo8cD5BIG5ldyBzZWN1cml0eSBhZHZpc29yeSB3YXMgcHVibGlzaGVkIGZvciBKZW5raW5zIHRo YXQgdW5jb3ZlcnMgc2V2ZXJhbCBpc3N1ZXM6IDxhIGhyZWY9Imh0dHBzOi8vamVua2lucy5pby9z ZWN1cml0eS9hZHZpc29yeS8yMDE3LTEwLTExLyI+aHR0cHM6Ly9qZW5raW5zLmlvL3NlY3VyaXR5 L2Fkdmlzb3J5LzIwMTctMTAtMTEvPC9hPjwvcD4KPHA+VG8gY2xvc2UgdGhlIHNlY3VyaXR5IGdh cCwgdGhlIGZvbGxvd2luZyBhY3Rpb25zIG11c3QgYmUgdGFrZW46PC9wPgo8dWw+PGxpPjxwPnVw ZGF0ZSBKZW5raW5zIGNvcmUgdG8gMi43My4yKzwvcD48L2xpPgo8bGk+PHA+dXBkYXRlIFN3YXJt IFBsdWdpbiB0byAzLjUrPC9wPjwvbGk+PC91bD4KPHA+Jm1kYXNoOyBUaGlzIG1lc3NhZ2Ugd2Fz IHNlbnQgYnkgQXRsYXNzaWFuIEppcmEgKHYxMDAxLjAuMC1TTkFQU0hPVCMxMDAwNjUpPC9wPgoK PGltZyBzcmM9Imh0dHBzOi8vdTQwNDM0MDIuY3Quc2VuZGdyaWQubmV0L3dmL29wZW4/dXBuPWk1 VE1XR1Y5OWFtSmJOeEpwU3AyLTJCQ21wWUx5ellTM3IxUTkzOVQyc2d6MGxxb2FkWnh5ejZFTkQx R0FlRDU1dC0yQmFyY3hUdzdrWTBaQTRNb0R1Ny0yQlo5bGlkS0hlcjZ0a3MzVHZmcW5lNkljejlE ZHFsMjlrb1NRcnRkV2plUXdqQTktMkJ0Y0hZR1JUelAtMkJlNUtXZGNSQlE5UklJQjY5M21paFhx eE4wTUp4QkdNNnAtMkJiYWFGajF4YmxKNzNKQU9ONlhnS3RGelZoZTNxTURJS2RISUxMRXh4UW5Y eW55dFJRUDlZbzJxSEJKYUUtM0QiIGFsdD0iIiB3aWR0aD0iMSIgaGVpZ2h0PSIxIiBib3JkZXI9 IjAiIHN0eWxlPSJoZWlnaHQ6MXB4ICFpbXBvcnRhbnQ7d2lkdGg6MXB4ICFpbXBvcnRhbnQ7Ym9y ZGVyLXdpZHRoOjAgIWltcG9ydGFudDttYXJnaW4tdG9wOjAgIWltcG9ydGFudDttYXJnaW4tYm90 dG9tOjAgIWltcG9ydGFudDttYXJnaW4tcmlnaHQ6MCAhaW1wb3J0YW50O21hcmdpbi1sZWZ0OjAg IWltcG9ydGFudDtwYWRkaW5nLXRvcDowICFpbXBvcnRhbnQ7cGFkZGluZy1ib3R0b206MCAhaW1w b3J0YW50O3BhZGRpbmctcmlnaHQ6MCAhaW1wb3J0YW50O3BhZGRpbmctbGVmdDowICFpbXBvcnRh bnQ7Ii8+CjwvYm9keT48L2h0bWw+CgotLS0tLS0tLS0tLS09XzE1MDc4ODczNTUtMjI4ODUtMjUy LS0K --===============6189823524380509578==--