Hi, Jenkins has published a list of serious vulnerabilities [1].
Please note that while we have no reasons to believe we have been compromised, we are still going to be rotating the various secrets, keys and passwords stored in Jenkins credentials as a safety precaution. For jobs using JJB, this should hopefully be transparent since the UUID of the secret will not change (but the contents of the secret will). If anything around RDO CI automation (including third party CI) breaks as a result of this, please let me know here or on IRC (dmsimard) Thanks, [1]: https://jenkins.io/security/advisory/2018-02-14/ David Moreau Simard Senior Software Engineer | OpenStack RDO dmsimard = [irc, github, twitter] _______________________________________________ dev mailing list dev@lists.rdoproject.org http://lists.rdoproject.org/mailman/listinfo/dev To unsubscribe: dev-unsubscr...@lists.rdoproject.org
