• Icon: Task Task
    • Resolution: Duplicate
    • Icon: Minor Minor
    • core
    • None
    • Jenkins 2.220

      Dating back many years, Jenkins has supported two network discovery services (UDP multicast/broadcast and DNS multicast). When this was first implemented this may have been a reasonable way to provide useful lookup services. With modern Jenkins capabilities, networks, and security considerations, this is no longer a good mechanism. There are now other ways to accomplish the real needs and concerns with doing it this way.

      With Jenkins Security Advisory 2020-01-29 these services were disabled by default because of SECURITY-1641 / CVE-2020-2100.

      These should just be removed.

          [JENKINS-60913] Remove network discovery services

          Jeff Thompson created issue -

          Jesse Glick added a comment -

          Jesse Glick added a comment - See JENKINS-33596 .
          Jesse Glick made changes -
          Link New: This issue duplicates JENKINS-33596 [ JENKINS-33596 ]

          Oleg Nenashev added a comment -

          It was released in Jenkins 2.220. jthompson it would be great if the pull request submitter ensures to address comments about duplication. I missed it, because I do not always check Jira before merging

          Oleg Nenashev added a comment - It was released in Jenkins 2.220. jthompson it would be great if the pull request submitter ensures to address comments about duplication. I missed it, because I do not always check Jira before merging
          Oleg Nenashev made changes -
          Released As New: Jenkins 2.220
          Resolution New: Duplicate [ 3 ]
          Status Original: Open [ 1 ] New: Resolved [ 5 ]
          Philipp Baer made changes -
          Link New: This issue causes JENKINS-61029 [ JENKINS-61029 ]
          Allan Lewis made changes -
          Description Original: Dating back many years, Jenkins has supported two network discovery services (UDP multicast/broadcast and DNS multicast). When this was first implemented this may have been a reasonable way to provide useful lookup services. With modern Jenkins capabilities, networks, and security considerations, this is no longer a good mechanism. There are now other ways to accomplish the real needs and concerns with doing it this way.

          With [Jenkins Security Advisory 2020-01-29|[https://jenkins.io/security/advisory/2020-01-29/]|https://jenkins.io/security/advisory/2020-01-29/] these services were disabled by default because of SECURITY-1641 / CVE-2020-2100.

          These should just be removed.
          New: Dating back many years, Jenkins has supported two network discovery services (UDP multicast/broadcast and DNS multicast). When this was first implemented this may have been a reasonable way to provide useful lookup services. With modern Jenkins capabilities, networks, and security considerations, this is no longer a good mechanism. There are now other ways to accomplish the real needs and concerns with doing it this way.

          With [Jenkins Security Advisory 2020-01-29|https://jenkins.io/security/advisory/2020-01-29/] these services were disabled by default because of SECURITY-1641 / CVE-2020-2100.

          These should just be removed.

          Jeff Thompson added a comment -

          oleg_nenashev, I'm not sure what you're asking for. You wanted a reference to the ticket Jesse mentioned to also be included in the PR on GitHub?

          I noticed that you said you were going to do something like that, so I figured you would take care of what you thought was needed. And it was already mentioned here and at least one other place.

           

          Jeff Thompson added a comment - oleg_nenashev , I'm not sure what you're asking for. You wanted a reference to the ticket Jesse mentioned to also be included in the PR on GitHub? I noticed that you said you were going to do something like that, so I figured you would take care of what you thought was needed. And it was already mentioned here and at least one other place.  

            jthompson Jeff Thompson
            jthompson Jeff Thompson
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: