RHBA-2014:1630 - Bug Fix Advisory
Red Hat OpenShift Enterprise 2.1 jenkins-plugin-openshift bug fix update
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Updated jenkins-plugin-openshift and openshift-origin-cartridge-jenkins packages
that fix a bug are now available for Red Hat OpenShift Enterprise 2.1.
OpenShift Enterprise by Red Hat is the company's cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud
This update fixes the following bug:
- Changes to the httpd and mod_ssl packages in Red Hat Enterprise Linux 6.6
caused certain ciphers' key sizes offered during TLS/SSL handshaking to be
larger than the same ciphers' key sizes in previous versions. These larger key
sizes are not supported by the current release of openjdk-1.7.0 and cause an
exception during TLS/SSL handshaking. On OpenShift Enterprise deployments which
had been updated to Red Hat Enterprise Linux 6.6, Jenkins builds failed because
the Jenkins plug-in could not negotiate an SSL connection with the broker REST
If an updated OpenJDK package newer than java-1.7.0-openjdk-220.127.116.11-18.104.22.168 is
available, then the openjdk-1.7.0 package must be updated. On systems where the
update is either unavailable or otherwise cannot be installed, this bug fix
provides the updated Jenkins cartridge and dependencies to allow the problematic
cipher to be disabled. Users can take advantage of this by checking out the
Jenkins gear repository and adding the "disable_bad_ciphers_yes" marker file. As
a result, Jenkins builds work as before. It is important to note that disabling
the problematic cipher degrades the security of the REST API connections from
the Jenkins gear, and as soon as possible the OpenJDK package must be updated
and the marker file removed from all active Jenkins gears. (BZ#1127667)
All OpenShift Enterprise users are advised to upgrade to these updated packages.
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
See the OpenShift Enterprise 2.1 Release Notes, which will be updated shortly
for this advisory, for important instructions on how to fully apply this
asynchronous errata update:
This update is available via the Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
- Red Hat OpenShift Enterprise Application Node 2.1 x86_64
- BZ - 1127667 - Can not trigger jenkins build on RHEL6.6
Red Hat OpenShift Enterprise Application Node 2.1
The Red Hat security contact is email@example.com. More contact details at https://access.redhat.com/security/team/contact/.