jfrog / charts

JFrog official Helm Charts
https://jfrog.com/integration/helm-repository/
Apache License 2.0

Upgrade jfrog-platform to fix security issue JA-7492 #1851

Closed ailichev closed 11 months ago

ailichev commented 11 months ago

Hello.

Do you plan to release a new jfrog-platform version to fix the security issue JA-7492, whereby interacting with specially crafted URLs could lead to exposure of sensitive information? The Artifactory release is 7.71.8 (https://jfrog.com/help/r/jfrog-release-information/artifactory-7.71.8-self-hosted). JFrog-platform is still on the previous Artifactory release, 7.71.5.

chukka commented 11 months ago

@ailichev we are planning to release a new jfrog-platform chart in a day or two along with the artifactory 7.71.10 patch release.

As a workaround solution, you can still upgrade to the latest version of artifactory - 7.71.8 in the jfrog-platform chart by passing

  1. this flag --set global.versions.artifactory=7.71.8 or
  2. using below custom_values.yaml
    global:
      versions:
        artifactory: 7.71.8
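
One way to confirm that the version override from the comment above actually reaches the rendered manifests before deploying, as an added example that is not part of the thread or of the jfrog/charts project. The function names, the sample manifests and the image name pattern (`artifactory-pro`) are assumptions made for illustration.

```shell
MIN_VERSION="7.71.8"   # release the issue cites for the JA-7492 fix

# version_ge A B: succeed when dotted version A >= B, compared numerically
# per field (so 7.71.10 > 7.71.8, which a string compare gets wrong).
version_ge() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    n = split(a, x, "."); m = split(b, y, ".")
    for (i = 1; i <= (n > m ? n : m); i++) {
      if ((x[i] + 0) > (y[i] + 0)) exit 0
      if ((x[i] + 0) < (y[i] + 0)) exit 1
    }
    exit 0
  }'
}

# artifactory_tags: manifest YAML on stdin -> unique Artifactory image tags.
# Assumption: the image name contains "artifactory" (e.g. artifactory-pro).
artifactory_tags() {
  sed -n 's/^[[:space:]-]*image:.*artifactory[a-z-]*:\([0-9][0-9.]*\).*$/\1/p' | sort -u
}

# check_manifest: 0 = all tags patched, 1 = an old tag found, 2 = no image found.
check_manifest() {
  tags="$(artifactory_tags)"; rc=0
  [ -n "$tags" ] || { echo "no artifactory image found" >&2; return 2; }
  for tag in $tags; do
    if version_ge "$tag" "$MIN_VERSION"; then
      echo "ok: artifactory $tag"
    else
      echo "outdated: artifactory $tag < $MIN_VERSION" >&2; rc=1
    fi
  done
  return $rc
}

# Constructed sample manifests (not real chart output; image names assumed).
SAMPLE_OLD='      initContainers:
        - image: releases-docker.jfrog.io/jfrog/artifactory-pro:7.71.5
      containers:
        - name: artifactory
          image: "releases-docker.jfrog.io/jfrog/artifactory-pro:7.71.5"'
SAMPLE_NEW='      containers:
        - name: artifactory
          image: releases-docker.jfrog.io/jfrog/artifactory-pro:7.71.8'
# Real use (assumes a Helm repo alias "jfrog" and release name "jfrog-platform"):
#   helm template jfrog-platform jfrog/jfrog-platform -f custom_values.yaml | check_manifest
printf '%s\n' "$SAMPLE_OLD" | check_manifest || echo "-> override not applied"
printf '%s\n' "$SAMPLE_NEW" | check_manifest && echo "-> patched version rendered"
```

A non-zero exit from `check_manifest` can gate a CI step so that a chart render still pinned to the older Artifactory tag is never applied.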