#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+-----------------------
Reporter: juanluisrp | Owner: jive
Type: task | Status: new
Priority: critical | Milestone: Unplanned
Component: SysAdmin/Repo | Keywords:
---------------------------+-----------------------
A critical security vulnerability has been discovered in Nexus
([https://support.sonatype.com/hc/en-us/articles/29416509323923-CVE-2024-4956-Nexus-Repository-3-Path-Traversal-2024-05-16 CVE-2024-4956]).
The vulnerability has been fixed in Nexus v3.68.1.
--
Ticket URL: <https://trac.osgeo.org/osgeo/ticket/3189>
OSGeo committee and general foundation issue tracker.
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: new
Priority: critical | Milestone: Unplanned
Component: SysAdmin/Repo | Resolution:
Keywords: |
---------------------------+------------------------
Changes (by juanluisrp):
* owner: jive => robe
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution:
Keywords: |
---------------------------+---------------------------------------
Changes (by robe):
* milestone: Unplanned => Sysadmin Contract 2024-I
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: new
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution:
Keywords: |
---------------------------+---------------------------------------
Comment (by robe):
Will start the process of upgrade shortly
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Changes (by robe):
* status: new => closed
* resolution: => fixed
Comment:
Upgrade complete.
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Comment (by jive):
Thanks, does anyone have time to rotate credentials (secrets / passwords)?
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Comment (by jive):
There are 4 build server users to contact ...
- postgisbuild
- gsdocker
- gsbuild
- gnbuild
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Comment (by jive):
I have sent email to the respective contact people for those build users.
Not sure if we can do anything more than that?
If we feel more strongly I could reset the passwords (breaking the build
servers) and wait for the respective teams to contact us?
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Comment (by juanluisrp):
Updated gnbuild password.
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Comment (by jive):
Updated the gsbuild password
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Comment (by robe):
I have updated postgisbuild password.
#3189: Upgrade Nexus to v3.68.1 or later
---------------------------+---------------------------------------
Reporter: juanluisrp | Owner: robe
Type: task | Status: closed
Priority: critical | Milestone: Sysadmin Contract 2024-I
Component: SysAdmin/Repo | Resolution: fixed
Keywords: |
---------------------------+---------------------------------------
Comment (by weskamm):
I have updated the password for gsdocker