[FOLIO-3397] Rebuild jenkins-slave fixing linux privilige escalation (CVE-2022-0185) Created: 20/Jan/22  Updated: 21/Jan/22  Resolved: 21/Jan/22

Status: Closed
Project: FOLIO
Components: Continuous Integration
Affects versions: None
Fix versions: None

Type: Bug Priority: TBD
Reporter: Julian Ladisch Assignee: David Crossley
Resolution: Done Votes: 0
Labels: security
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original estimate: Not Specified

Sprint: DevOps Sprint 131
Development Team: FOLIO DevOps

 Description   

 

Ubuntu 20.04 LTS (Focal Fossa) used in jenkins-slave docker container is affected by this privilege escalation security issue in linux:

A patched linux (5.4.0-96.109) has been released 2022-01-18.

Please rebuild jenkins-slave so that FOLIO's CI uses the fixed version.



 Comments   
Comment by David Crossley [ 21/Jan/22 ]

Built and deployed image jenkins-slave-all:java-11 (v2.9.4) and tested on various Jenkins jobs.

 

Comment by Julian Ladisch [ 21/Jan/22 ]

Thanks for the quick fix!

Generated at Thu Feb 08 23:27:48 UTC 2024 using Jira 1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d.