First published: Tue Oct 14 2014
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

This update fixes the following bug:

* Changes to the httpd and mod_ssl packages in Red Hat Enterprise Linux 6.6 caused certain ciphers' key sizes offered during TLS/SSL handshaking to be larger than the same ciphers' key sizes in previous versions. These larger key sizes are not supported by the current release of openjdk-1.7.0 and cause an exception during TLS/SSL handshaking. On OpenShift Enterprise deployments which had been updated to Red Hat Enterprise Linux 6.6, Jenkins builds failed because the Jenkins plug-in could not negotiate an SSL connection with the broker REST API endpoint.

  If an updated OpenJDK package newer than java-1.7.0-openjdk-1.7.0.65-2.5.1.2 is available, then the openjdk-1.7.0 package must be updated. On systems where the update is either unavailable or otherwise cannot be installed, this bug fix provides the updated Jenkins cartridge and dependencies to allow the problematic cipher to be disabled. Users can take advantage of this by checking out the Jenkins gear repository and adding the "disable_bad_ciphers_yes" marker file. As a result, Jenkins builds work as before. It is important to note that disabling the problematic cipher degrades the security of the REST API connections from the Jenkins gear, and as soon as possible the OpenJDK package must be updated and the marker file removed from all active Jenkins gears. (BZ#1127667)

All OpenShift Enterprise users are advised to upgrade to these updated packages.

Affected Software | Affected Version | How to fix |
---|---|---|
redhat/jenkins | <1.565.3-1.el6 | 1.565.3-1.el6 |
redhat/jenkins-plugin-openshift | <0.6.40.1-0.el6 | 0.6.40.1-0.el6 |
redhat/openshift-origin-cartridge-jenkins | <1.20.3.5-1.el6 | 1.20.3.5-1.el6 |
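
The marker-file workaround described above is meant to be temporary. As an added example (not part of the advisory or of Red Hat's tooling), this shell function audits a checked-out Jenkins gear repository and reports whether the marker should now be removed. It assumes the marker sits under `.openshift/markers/`, that the caller supplies the installed OpenJDK version-release string, and that GNU `sort -V` is an acceptable approximation of RPM version ordering.

```shell
#!/bin/sh
# Added example: audit a Jenkins gear checkout for the cipher workaround marker.
# BASELINE is the OpenJDK build named in the advisory; anything strictly newer
# is treated as carrying the fix.
BASELINE="1.7.0.65-2.5.1.2"
# Assumption: marker files live in .openshift/markers/ inside the gear repository.
MARKER_REL=".openshift/markers/disable_bad_ciphers_yes"

# newer_than_baseline VERSION-RELEASE
# Exit status 0 if the given build is strictly newer than BASELINE.
newer_than_baseline() {
    v=${1%%.el[0-9]*}                 # drop a dist tag such as .el6_5
    [ "$v" = "$BASELINE" ] && return 1
    highest=$(printf '%s\n%s\n' "$v" "$BASELINE" | sort -V | tail -n 1)
    [ "$highest" = "$v" ]
}

# audit_gear REPO_DIR OPENJDK_VERSION-RELEASE
# Prints one verdict: remove-marker, temporary-workaround,
# needs-openjdk-update or ok.
audit_gear() {
    repo=$1
    jdk=$2
    if [ -e "$repo/$MARKER_REL" ]; then
        if newer_than_baseline "$jdk"; then
            # OpenJDK is fixed, so the marker only weakens the REST API connection.
            echo "remove-marker"
        else
            # Still required for builds; track it until OpenJDK can be updated.
            echo "temporary-workaround"
        fi
    elif newer_than_baseline "$jdk"; then
        echo "ok"
    else
        # No marker and an affected OpenJDK: builds may fail the TLS handshake.
        echo "needs-openjdk-update"
    fi
}

# Stand-alone use: audit.sh REPO_DIR "$(rpm -q --qf '%{VERSION}-%{RELEASE}' java-1.7.0-openjdk)"
if [ "$#" -eq 2 ]; then
    audit_gear "$1" "$2"
fi
```

A `remove-marker` verdict means the gear repository still needs a commit that deletes the marker file; the script itself changes nothing.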