+++ This bug was initially created as a clone of Bug #1848216 +++ openshift-4 tracking bug for jenkins-2-plugins: see the bugs linked in the "Blocks" field of this bug for full details of the security issue(s). This bug is never intended to be made public, please put any public notes in the blocked bugs. Impact: Moderate Public Date: 06-May-2020 PM Fix/Wontfix Decision By: 16-Sep-2020 Resolve Bug By: 06-May-2021 In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug. Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9RBqB --- Additional comment from Stephen Cuppett on 2020-06-18 18:30:40 UTC --- Setting to target the z-stream. This isn't due prior to GA and is not a showstopper. --- Additional comment from Jitendar Singh on 2020-06-25 05:44:41 UTC --- jsingh@localhost ~/go/src/github.com/redhat-developer oc get pods NAME READY STATUS RESTARTS AGE jenkins-1-build 0/1 Completed 0 11m jenkins-1-deploy 0/1 Completed 0 2m15s jenkins-1-pm4rl 1/1 Running 0 2m11s jsingh@localhost ~/go/src/github.com/redhat-developer oc rsh jenkins-1-pm4rl sh-4.2$ cat /var/lib/jenkins/plugins/credentials-binding/META-INF/MANIFEST.MF |grep Implementation-Version Implementation-Version: 1.23 sh-4.2$ exit exit ===================================================== VERIFIED
It doesn't seem to me the latest jenkins-2-plugins-4.5.1595405982-1.el7 RPM include this fix. The linked PR is only for upstream okd build. I think this bug should only be moved to MODIFIED once it is included in ART build.
waiting for the nightly
The ART request was not done, so, the RPM for plugins was not updated. ART request created here: https://issues.redhat.com/browse/ART-2104
verfied =================================== jsingh@localhost ~/Downloads/openshift-install-linux-4.6.0-0.nightly-2020-08-18-015339 oc rsh jenkins-1-db4zh sh-4.2$ cat /var/lib/jenkins/plugins/credentials-binding/META-INF/MANIFEST.MF |grep Implementation-Version Implementation-Version: 1.23 ======================================================== jenkins image quay.io/openshift-release-dev/ocp-v4.0-art-dev@sha256:134e9b676dc612686563ec25dba8230ee7133640569022638820e5f52c7833e6 came from brew build openshift-jenkins-2-container-v4.5.0-202008131017.p0