{ "_class" : "hudson.model.FreeStyleBuild", "actions" : [ { "_class" : "hudson.model.CauseAction", "causes" : [ { "_class" : "hudson.triggers.TimerTrigger$TimerTriggerCause", "shortDescription" : "Started by timer" } ] }, { "_class" : "hudson.plugins.git.util.BuildData", "buildsByBranchName" : { "refs/remotes/origin/oi/hipster" : { "_class" : "hudson.plugins.git.util.Build", "buildNumber" : 5335, "buildResult" : None, "marked" : { "SHA1" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "branch" : [ { "SHA1" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "name" : "refs/remotes/origin/oi/hipster" } ] }, "revision" : { "SHA1" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "branch" : [ { "SHA1" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "name" : "refs/remotes/origin/oi/hipster" } ] } }, "origin/oi/hipster" : { "_class" : "hudson.plugins.git.util.Build", "buildNumber" : 3897, "buildResult" : None, "marked" : { "SHA1" : "5751b2ff5ccd4825400f4a37a10c38da4a0f23f3", "branch" : [ { "SHA1" : "5751b2ff5ccd4825400f4a37a10c38da4a0f23f3", "name" : "origin/oi/hipster" } ] }, "revision" : { "SHA1" : "5751b2ff5ccd4825400f4a37a10c38da4a0f23f3", "branch" : [ { "SHA1" : "5751b2ff5ccd4825400f4a37a10c38da4a0f23f3", "name" : "origin/oi/hipster" } ] } } }, "lastBuiltRevision" : { "SHA1" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "branch" : [ { "SHA1" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "name" : "refs/remotes/origin/oi/hipster" } ] }, "remoteUrls" : [ "git://github.com/OpenIndiana/oi-userland.git" ], "scmName" : "" }, { "_class" : "hudson.plugins.git.GitTagAction" }, { }, { "_class" : "org.jenkinsci.plugins.displayurlapi.actions.RunDisplayAction" } ], "artifacts" : [ ], "building" : False, "description" : None, "displayName" : "#5335", "duration" : 705150, "estimatedDuration" : 4575817, "executor" : None, "fullDisplayName" : "illumos-gate #5335", "id" : "5335", "inProgress" : False, "keepLog" : False, "number" : 5335, "queueId" : 2315, "result" : "SUCCESS", "timestamp" : 1535328300330, "url" : "https://hipster.openindiana.org/jenkins/job/illumos-gate/5335/", "builtOn" : "", "changeSet" : { "_class" : "hudson.plugins.git.GitChangeSetList", "items" : [ { "_class" : "hudson.plugins.git.GitChangeSet", "affectedPaths" : [ "components/library/openssl/openssl-1.0.2/Makefile", "components/library/openssl/openssl-1.0.2/manifests/sample-manifest.p5m", "components/library/openssl/openssl-1.0.2/patches/CVE-2018-0732.patch", "components/library/openssl/openssl-1.0.2/openssl-1.0.2.p5m", "components/library/openssl/openssl-1.0.2/patches/CVE-2018-0737.patch" ], "commitId" : "211606ddc8f2c04cb15f6567345ccfea77fcec9d", "timestamp" : 1535273146000, "author" : { "absoluteUrl" : "https://hipster.openindiana.org/jenkins/user/wacki", "fullName" : "Andreas Wacknitz" }, "authorEmail" : "A.Wacknitz@gmx.de", "comment" : "OpenSSL 1.0.2p\u000aNotes: https://www.openssl.org/news/openssl-1.0.2-notes.html\u000a Major changes between OpenSSL 1.0.2o and OpenSSL 1.0.2p:\u000a* Client DoS due to large DH parameter (CVE-2018-0732)\u000a* Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)\u000a ABI compatible:\u000ahttps://abi-laboratory.pro/index.php?view=objects_report&l=openssl&v1=1.0.2o&v2=1.0.2p\u000a\u000a Test suite runs looked good.\u000a", "date" : "2018-08-26 10:45:46 +0200", "id" : "211606ddc8f2c04cb15f6567345ccfea77fcec9d", "msg" : "OpenSSL 1.0.2p", "paths" : [ { "editType" : "delete", "file" : "components/library/openssl/openssl-1.0.2/patches/CVE-2018-0732.patch" }, { "editType" : "edit", "file" : "components/library/openssl/openssl-1.0.2/Makefile" }, { "editType" : "edit", "file" : "components/library/openssl/openssl-1.0.2/openssl-1.0.2.p5m" }, { "editType" : "edit", "file" : "components/library/openssl/openssl-1.0.2/manifests/sample-manifest.p5m" }, { "editType" : "delete", "file" : "components/library/openssl/openssl-1.0.2/patches/CVE-2018-0737.patch" } ] }, { "_class" : "hudson.plugins.git.GitChangeSet", "affectedPaths" : [ "components/network/openssh/Makefile", "components/network/openssh/patches/CVE-2018-15473.patch" ], "commitId" : "43616c8731a48eff82ca79506d41e2b1e3f90baf", "timestamp" : 1535276343000, "author" : { "absoluteUrl" : "https://hipster.openindiana.org/jenkins/user/wacki", "fullName" : "Andreas Wacknitz" }, "authorEmail" : "A.Wacknitz@gmx.de", "comment" : "OpenSSH: fix CVE-2018-15473 (username enumeration)\u000aFix from OpenSSH 7.8p1 (https://www.openssh.com/releasenotes.html):\u000a```\u000a* sshd(8): add some countermeasures against timing attacks used for\u000a account validation/enumeration. sshd will enforce a minimum time\u000a or each failed authentication attempt consisting of a global 5ms\u000a minimum plus an additional per-user 0-4ms delay derived from a\u000a host secret.\u000a```\u000a Debian patch:\u000ahttps://sources.debian.org/patches/openssh/1:7.4p1-10+deb9u4/upstream-delay-bailout-for-invalid-authenticating-user.patch/\u000a\u000a\u000a**Testing (exploit: https://www.exploit-db.com/exploits/45210/)**\u000a Affected:\u000a```\u000a$ python 45210.py 192.168.1.12 root\u000a[+] Valid username\u000a\u000a$ python 45210.py 192.168.1.12 thisisinvalid\u000a[*] Invalid username\u000a```\u000a Fixed:\u000a```\u000a$ python 45210.py 192.168.1.181 root\u000a[+] Valid username\u000a\u000a$ python 45210.py 192.168.1.181 thisisinvalid\u000a[+] Valid username\u000a```\u000a", "date" : "2018-08-26 11:39:03 +0200", "id" : "43616c8731a48eff82ca79506d41e2b1e3f90baf", "msg" : "OpenSSH: fix CVE-2018-15473 (username enumeration)", "paths" : [ { "editType" : "add", "file" : "components/network/openssh/patches/CVE-2018-15473.patch" }, { "editType" : "edit", "file" : "components/network/openssh/Makefile" } ] }, { "_class" : "hudson.plugins.git.GitChangeSet", "affectedPaths" : [ "components/library/libexpat/expat.p5m", "components/library/libexpat/manifests/sample-manifest.p5m", "components/library/libexpat/Makefile", "components/library/libexpat/test/results-all.master" ], "commitId" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "timestamp" : 1535295895000, "author" : { "absoluteUrl" : "https://hipster.openindiana.org/jenkins/user/wacki", "fullName" : "Andreas Wacknitz" }, "authorEmail" : "A.Wacknitz@gmx.de", "comment" : "expat 2.2.6\u000aChanges: https://github.com/libexpat/libexpat/blob/R_2_2_6/expat/Changes\u000a\u000a Notably, fixes UTF-8 bug required for Python 2.7.15 test suite to pass.\u000a\u000a Test suite now seems to have a different output.\u000a", "date" : "2018-08-26 17:04:55 +0200", "id" : "04ac3e867db3637a6dd386947ebd31b217036bc7", "msg" : "expat 2.2.6", "paths" : [ { "editType" : "edit", "file" : "components/library/libexpat/expat.p5m" }, { "editType" : "edit", "file" : "components/library/libexpat/manifests/sample-manifest.p5m" }, { "editType" : "edit", "file" : "components/library/libexpat/test/results-all.master" }, { "editType" : "edit", "file" : "components/library/libexpat/Makefile" } ] } ], "kind" : "git" }, "culprits" : [ { "absoluteUrl" : "https://hipster.openindiana.org/jenkins/user/a.wacknitz", "fullName" : "a.wacknitz" } ] }