Hello, Since I haven't heard about about this I have a feeling it got overlooked due to everyone focusing on getting 2.0 out the door. In light of that I'm pushing this out till the 14th.
Regards, Trevor Bramwell On Mon, May 01, 2017 at 04:06:23PM -0700, Trevor Bramwell wrote: > Hello, > > A recent CVE was published for Jenkins[1] necessitating an upgrade from > 2.32.1 to 2.46.2. > > Given the 2.0 release is coming up shortly, I'd like to propose holding > off on the upgrade until just after 2.0 is out. Assuming there are no > delays to the release (there don't appear to be), that would mean > upgrading Jenkins either this Friday (05/05/2017) or Saturday > (05/06/2017). > > We could at most push this back till next week (05/10, 05/11). > > David, are you expecting any delay in the 2.0 release? > > Are there any concerns about the timing of this upgrade? > > Regards, > Trevor Bramwell > > [1] https://jenkins.io/security/advisory/2017-04-26/
signature.asc
Description: PGP signature
_______________________________________________ opnfv-tech-discuss mailing list opnfv-tech-discuss@lists.opnfv.org https://lists.opnfv.org/mailman/listinfo/opnfv-tech-discuss
