Hello everyone,

      Since Christmas we are trying to solve a following problem, which happens on each of our servers, doesn't matter which version of Jenkins or plugins or even Windows version - Jenkins keeps failing when we want to modify the project, even if it's just a modification of the comment of project. By failing I mean saving the project and after ~30 sec getting the message "connection was reset" or similar, depending on the web browser. I tried different browsers, computers - every time is exactly the same.

      After some investigations done via Chrome's inspection feature I realized that behavior is caused by a function checkpointLabelCheck, which provides the error "Please specify a label for this checkpoint!" if function was called without parameters (on server no. 22); if it was called with parameters, it just hangs (on server no. 19). This function belongs to the Jenkins plugin "PTC Windchill RV&S CM". If I disabled the plugin, everything works as expected.

      Updating the Jenkins and plugins helped us for just few minutes - then the issue is exactly the same. Monitoring of logs haven't brought any results.

      The only one suspected thing is installation of some Windows updates on 26/12/2021: KB 5008207 and KB5007152.

      Could you help us to solve the issue, please?
      Thank you in advance

       

          [JENKINS-67596] Connection reset - checkpointLabelCheck

          Jonas Fitz added a comment -

          integrity_jenkins_plugin Any updates on that?

          Jonas Fitz added a comment - integrity_jenkins_plugin  Any updates on that?

          Mateusz Cedro added a comment -

          Hello everybody,

          We've observed that from the localhost side everything works fine. We've also noticed that this behavior is caused by the Apache Struts2 OGNL expression, which has the vulnerability no. CVE-2012-0391. It looks like one of the (up-to-date) plugins uses it, but we don't know which one yet. 

          Mateusz Cedro added a comment - Hello everybody, We've observed that from the localhost side everything works fine. We've also noticed that this behavior is caused by the Apache Struts2 OGNL expression, which has the vulnerability no. CVE-2012-0391. It looks like one of the (up-to-date) plugins uses it, but we don't know which one yet. 

            integrity_jenkins_plugin PTC ALM
            mcedro Mateusz Cedro
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated: