Mitigate jenkins faults reported by Upguard #3400

Open
Tracked by #3380
sxa opened this issue Feb 16, 2024 · 4 comments

Comments

@sxa
Member

sxa commented Feb 16, 2024

Details private but can be shared with anyone in the team able to work on it.

@sxa sxa added the security label Feb 16, 2024
@sxa sxa added this to the 2024-03 (March) milestone Feb 16, 2024
@sxa sxa mentioned this issue Feb 16, 2024
20 tasks
@sxa sxa modified the milestones: 2024-03 (March), 2024-04 (April) Mar 27, 2024
@sxa sxa modified the milestones: 2024-04 (April), 2024-06 (June) May 13, 2024
@TiagoLucas22478

Hey @sxa and other Adoptium committers,
What can we at the Foundation do for this issue to go easier?
There are some findings on UpGuard and we see this issue is not getting a lot of traction.

@mbarbero

@sxa
Member Author

sxa commented Jul 9, 2024

Replying via email - many of them appear to be because we're using an Ubuntu-supported nginx and UpGuard may be objecting because it's not a later version.

@sxa sxa added the Jenkins label Jul 9, 2024
@sxa sxa self-assigned this Jul 9, 2024
@sxa sxa modified the milestones: 2024-06 (June), 2024-07 (July) Jul 9, 2024
@sxa
Member Author

sxa commented Jul 9, 2024

`server_tokens off;` added to nginx configuration on jenkins and TRSS in order to remove the version number from HTTP responses.

EDIT 25/July: Same change applied to AWX server.

@sxa sxa modified the milestones: 2024-07 (July), 2024-08 (August) Jul 31, 2024
@sxa
Member Author

sxa commented Sep 4, 2024

Struggling to find a suitable option in the Cloudflare UI that will allow the port 80 remediation (UpGuard seems unwilling to accept anything that isn't a straight HTTP redirect).
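
An added example, not part of the issue thread or of the Adoptium project's own code: a small checker for the two remediations discussed above, the `server_tokens off;` change and the port 80 redirect. The sample responses and the host name `ci.example.org` are constructed, and treating a "straight HTTP redirect" as a 301/302/307/308 with an `https://` `Location` on the same host is an assumption, not UpGuard's documented rule.

```python
import re

# Constructed sample responses (not captured from any real host).
BEFORE = b"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nContent-Type: text/html\r\n\r\n"
AFTER = b"HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html\r\n\r\n"
PORT80_REDIRECT = (b"HTTP/1.1 301 Moved Permanently\r\nServer: cloudflare\r\n"
                   b"Location: https://ci.example.org/\r\n\r\n")
PORT80_CONTENT = b"HTTP/1.1 200 OK\r\nServer: cloudflare\r\n\r\n<html>...</html>"

VERSION_RE = re.compile(r"/\d+(\.\d+)*")  # product/version token, e.g. nginx/1.18.0


def parse_head(raw: bytes):
    """Split a raw HTTP/1.x response head into (status_code, headers dict)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError("not an HTTP response")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return int(parts[1]), headers


def discloses_version(raw: bytes) -> bool:
    """True if the Server header carries a product/version token."""
    _, headers = parse_head(raw)
    return bool(VERSION_RE.search(headers.get("server", "")))


def is_straight_https_redirect(raw: bytes, host: str) -> bool:
    """True if a port-80 response is a 3xx whose Location is https on the same host."""
    status, headers = parse_head(raw)
    if status not in (301, 302, 307, 308):
        return False
    m = re.match(r"https://([^/:]+)(:\d+)?(/|$)", headers.get("location", ""), re.I)
    return bool(m) and m.group(1).lower() == host.lower()


if __name__ == "__main__":
    for name, raw in [("before", BEFORE), ("after", AFTER)]:
        print(name, "discloses version:", discloses_version(raw))
    print("redirect ok:", is_straight_https_redirect(PORT80_REDIRECT, "ci.example.org"))
    print("content on 80 ok:", is_straight_https_redirect(PORT80_CONTENT, "ci.example.org"))
```

To check a live host, feed the functions the response head saved from a plain-HTTP and an HTTPS request to the service.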

Projects
Status: Todo