-
Improvement
-
Resolution: Fixed
-
Minor
-
None
Git plugin plugin is not FIPS compliant.
It allows skipping TLS verify which should not be allowed in a FIPS 140-2 environment.
We should implement these checks when running in FIPS mode
- links to
[JENKINS-73506] Git Plugin should check TLS used if FIPS mode activated
Assignee | Original: Pedro Bueno [ pbuenoyerbes ] | New: Olivier Lamy [ olamy ] |
Description |
Original:
Kubernetes plugin is not FIPS compliant.
It allows skipping TLS verify which should not be allowed in a FIPS 140-2 environment. Also, server certificate is being encoded without checking it. We should implement these checks when running in FIPS mode |
New:
Git plugin plugin is not FIPS compliant.
It allows skipping TLS verify which should not be allowed in a FIPS 140-2 environment. We should implement these checks when running in FIPS mode |
Component/s | New: git-plugin [ 15543 ] | |
Component/s | Original: kubernetes-plugin [ 20639 ] |
Remote Link | New: This issue links to "PR (Web Link)" [ 29834 ] |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Resolution | New: Fixed [ 1 ] | |
Status | Original: In Progress [ 3 ] | New: Fixed but Unreleased [ 10203 ] |
Released As | New: https://github.com/jenkinsci/git-plugin/releases/tag/git-5.3.0 | |
Status | Original: Fixed but Unreleased [ 10203 ] | New: Resolved [ 5 ] |