Damien is the Jenkins Infrastructure officer
and a software engineer at CloudBees working as a Site Reliability Engineer for the Jenkins Infrastructure project.
Not only he is a decade-old Hudson/Jenkins user but also an open-source citizen who participates in Updatecli,
Traefik and many others.
The Jenkins project provides a download mirror infrastructure allowing to download Jenkins packages and plugins from a download server close to your location.
How Does it Work?
When a download request is emitted to either mirrors.jenkins.io or get.jenkins.io, an HTTP redirect response to a mirror download server is answered.
The Jenkins infrastructure uses a database of existing mirror servers provided by volunteers and donators to select the...
A remote code execution vulnerability has been identified in the Spring Framework.
This vulnerability is identified as CVE-2022-22965.
Spring officially reacted early in an early announcement.
SpringShell in Jenkins Core and Plugins
The Jenkins security team has confirmed that the Spring vulnerability is not affecting Jenkins Core.
There is no impact because we are using Stapler as a servlet, and neither Spring MVC nor Spring WebFlux.
An analysis was done...
The Jenkins Contributor Summit brings together current and future contributors to the Jenkins project.
At this event we will talk about the current state of the project and its future evolution.