- Task
- Resolution: Duplicate
- Minor
- None
- Jenkins 2.220
Dating back many years, Jenkins has supported two network discovery services (UDP multicast/broadcast and DNS multicast). When this was first implemented, this may have been a reasonable way to provide useful lookup services. With modern Jenkins capabilities, networks, and security considerations, this is no longer a good mechanism. There are now other ways to accomplish the real needs and concerns with doing it this way.
With Jenkins Security Advisory 2020-01-29 these services were disabled by default because of SECURITY-1641 / CVE-2020-2100.
These should just be removed.
- causes
  - JENKINS-61029 Swarm client not working anymore with Jenkins 2.220 (Resolved)
- duplicates
  - JENKINS-33596 Disable DNSMultiCast & UDPBroadcastThread by default (Resolved)
[JENKINS-60913] Remove network discovery services
Link | New: This issue duplicates |
Released As | New: Jenkins 2.220 | |
Resolution | New: Duplicate [ 3 ] | |
Status | Original: Open [ 1 ] | New: Resolved [ 5 ] |
Link | New: This issue causes |
See JENKINS-33596.