[build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

shane knapp
jenkins is affected:

https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
https://access.redhat.com/security/vulnerabilities/stackguard

i'm shutting down jenkins, applying patches and rebooting immediately.

ETA unknown.  hopefully quick.  i'll update here when i find out.

---------------------------------------------------------------------
To unsubscribe e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

shane knapp
ok, we're in a holding pattern as the centos packages haven't been released yet.

once they're out i'll update this thread and start rebooting.

On Mon, Jun 19, 2017 at 10:52 AM, shane knapp <[hidden email]> wrote:
> jenkins is affected:
>
> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
> https://access.redhat.com/security/vulnerabilities/stackguard
>
> i'm shutting down jenkins, applying patches and rebooting immediately.
>
> ETA unknown.  hopefully quick.  i'll update here when i find out.

---------------------------------------------------------------------
To unsubscribe e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

shane knapp
i've updated the two ubuntu workers (amp-jenkins-staging-01 and -02),
and am still twiddling my thumbs and waiting for centos packages to be
released.

i'm guessing we'll have those some time today, and will update everyone then.

On Mon, Jun 19, 2017 at 11:02 AM, shane knapp <[hidden email]> wrote:

> ok, we're in a holding pattern as the centos packages haven't been released yet.
>
> once they're out i'll update this thread and start rebooting.
>
> On Mon, Jun 19, 2017 at 10:52 AM, shane knapp <[hidden email]> wrote:
>> jenkins is affected:
>>
>> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
>> https://access.redhat.com/security/vulnerabilities/stackguard
>>
>> i'm shutting down jenkins, applying patches and rebooting immediately.
>>
>> ETA unknown.  hopefully quick.  i'll update here when i find out.

---------------------------------------------------------------------
To unsubscribe e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

shane knapp
ok, the centos packages have been released.  i've put jenkins in to
quiet mode, and will be updating rpms and rebooting ASAP.

updates as they come.

shane

On Mon, Jun 19, 2017 at 2:43 PM, shane knapp <[hidden email]> wrote:

> i've updated the two ubuntu workers (amp-jenkins-staging-01 and -02),
> and am still twiddling my thumbs and waiting for centos packages to be
> released.
>
> i'm guessing we'll have those some time today, and will update everyone then.
>
> On Mon, Jun 19, 2017 at 11:02 AM, shane knapp <[hidden email]> wrote:
>> ok, we're in a holding pattern as the centos packages haven't been released yet.
>>
>> once they're out i'll update this thread and start rebooting.
>>
>> On Mon, Jun 19, 2017 at 10:52 AM, shane knapp <[hidden email]> wrote:
>>> jenkins is affected:
>>>
>>> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
>>> https://access.redhat.com/security/vulnerabilities/stackguard
>>>
>>> i'm shutting down jenkins, applying patches and rebooting immediately.
>>>
>>> ETA unknown.  hopefully quick.  i'll update here when i find out.

---------------------------------------------------------------------
To unsubscribe e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

shane knapp
and we're back up and building!

On Tue, Jun 20, 2017 at 8:23 AM, shane knapp <[hidden email]> wrote:

> ok, the centos packages have been released.  i've put jenkins in to
> quiet mode, and will be updating rpms and rebooting ASAP.
>
> updates as they come.
>
> shane
>
> On Mon, Jun 19, 2017 at 2:43 PM, shane knapp <[hidden email]> wrote:
>> i've updated the two ubuntu workers (amp-jenkins-staging-01 and -02),
>> and am still twiddling my thumbs and waiting for centos packages to be
>> released.
>>
>> i'm guessing we'll have those some time today, and will update everyone then.
>>
>> On Mon, Jun 19, 2017 at 11:02 AM, shane knapp <[hidden email]> wrote:
>>> ok, we're in a holding pattern as the centos packages haven't been released yet.
>>>
>>> once they're out i'll update this thread and start rebooting.
>>>
>>> On Mon, Jun 19, 2017 at 10:52 AM, shane knapp <[hidden email]> wrote:
>>>> jenkins is affected:
>>>>
>>>> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
>>>> https://access.redhat.com/security/vulnerabilities/stackguard
>>>>
>>>> i'm shutting down jenkins, applying patches and rebooting immediately.
>>>>
>>>> ETA unknown.  hopefully quick.  i'll update here when i find out.

---------------------------------------------------------------------
To unsubscribe e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

shane knapp
i have to apologize in advance, but it looks like we're going to have
to do an emergency restart of jenkins -- we have two zombie jobs that
aren't timing out and they're blocking new builds for those projects
from starting.

i've put jenkins in to quiet mode, and will do a restart in ~30 mins
to allow some spark PRB builds to finish.

On Tue, Jun 20, 2017 at 9:39 AM, shane knapp <[hidden email]> wrote:

> and we're back up and building!
>
> On Tue, Jun 20, 2017 at 8:23 AM, shane knapp <[hidden email]> wrote:
>> ok, the centos packages have been released.  i've put jenkins in to
>> quiet mode, and will be updating rpms and rebooting ASAP.
>>
>> updates as they come.
>>
>> shane
>>
>> On Mon, Jun 19, 2017 at 2:43 PM, shane knapp <[hidden email]> wrote:
>>> i've updated the two ubuntu workers (amp-jenkins-staging-01 and -02),
>>> and am still twiddling my thumbs and waiting for centos packages to be
>>> released.
>>>
>>> i'm guessing we'll have those some time today, and will update everyone then.
>>>
>>> On Mon, Jun 19, 2017 at 11:02 AM, shane knapp <[hidden email]> wrote:
>>>> ok, we're in a holding pattern as the centos packages haven't been released yet.
>>>>
>>>> once they're out i'll update this thread and start rebooting.
>>>>
>>>> On Mon, Jun 19, 2017 at 10:52 AM, shane knapp <[hidden email]> wrote:
>>>>> jenkins is affected:
>>>>>
>>>>> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
>>>>> https://access.redhat.com/security/vulnerabilities/stackguard
>>>>>
>>>>> i'm shutting down jenkins, applying patches and rebooting immediately.
>>>>>
>>>>> ETA unknown.  hopefully quick.  i'll update here when i find out.

---------------------------------------------------------------------
To unsubscribe e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [build system] immediate emergency updates and reboot to deal w/stack clash vulnerability

shane knapp
(hopefully this is my last email on this subject...)

jenkins is back up.  the ray and alluxio-master builds have been
de-zombified and are happily building (as well as everything else).

:)

shane

On Tue, Jun 20, 2017 at 12:27 PM, shane knapp <[hidden email]> wrote:

> i have to apologize in advance, but it looks like we're going to have
> to do an emergency restart of jenkins -- we have two zombie jobs that
> aren't timing out and they're blocking new builds for those projects
> from starting.
>
> i've put jenkins in to quiet mode, and will do a restart in ~30 mins
> to allow some spark PRB builds to finish.
>
> On Tue, Jun 20, 2017 at 9:39 AM, shane knapp <[hidden email]> wrote:
>> and we're back up and building!
>>
>> On Tue, Jun 20, 2017 at 8:23 AM, shane knapp <[hidden email]> wrote:
>>> ok, the centos packages have been released.  i've put jenkins in to
>>> quiet mode, and will be updating rpms and rebooting ASAP.
>>>
>>> updates as they come.
>>>
>>> shane
>>>
>>> On Mon, Jun 19, 2017 at 2:43 PM, shane knapp <[hidden email]> wrote:
>>>> i've updated the two ubuntu workers (amp-jenkins-staging-01 and -02),
>>>> and am still twiddling my thumbs and waiting for centos packages to be
>>>> released.
>>>>
>>>> i'm guessing we'll have those some time today, and will update everyone then.
>>>>
>>>> On Mon, Jun 19, 2017 at 11:02 AM, shane knapp <[hidden email]> wrote:
>>>>> ok, we're in a holding pattern as the centos packages haven't been released yet.
>>>>>
>>>>> once they're out i'll update this thread and start rebooting.
>>>>>
>>>>> On Mon, Jun 19, 2017 at 10:52 AM, shane knapp <[hidden email]> wrote:
>>>>>> jenkins is affected:
>>>>>>
>>>>>> https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
>>>>>> https://access.redhat.com/security/vulnerabilities/stackguard
>>>>>>
>>>>>> i'm shutting down jenkins, applying patches and rebooting immediately.
>>>>>>
>>>>>> ETA unknown.  hopefully quick.  i'll update here when i find out.

---------------------------------------------------------------------
To unsubscribe e-mail: [hidden email]

Loading...