Current status on Meltdown & Spectre Patches?

Atlassian has acknowledged the security vulnerabilities and, as of last week, has begun implementing patches to AWS Linux and other OSs.  Has anyone heard of a more recent status/progress or milestones?  I have not received a response to any followups.    

3 answers

This widget could not be displayed.

Hi Christopher,

In regards to the current impact of Spectre and Meltdown, as our applications are hosted under the AWS services, you can see the following statement:

The vulnerability is expected to be patched via an incoming kernel update that will be announced for Ubuntu (Ubuntu Security Announcement) Also, our persistence tiers run as managed AWS services, so those have either already been upgraded transparently or will be updated during their next maintenance windows.

If you have any questions or need any further assistance, please just respond back to this thread.

Regards,

Shannon

This widget could not be displayed.

Thank you Shannon.  

This widget could not be displayed.

Hi what about on premise hipchat appliance?

Hi there,

The answer I gave previously is for our Cloud products.

If you're hosting HipChat on your own servers, then you will need to speak to your IT team in order to assess your environment for any risks.

Have a look at this blog post:

If you are running Atlassian Server or Data Center products, we recommend assessing your own IT environment for risks associated with these vulnerabilities. This includes browsers, operating systems and virtual computing infrastructure. 

Let me know if you have any questions.

Regards,

Shannon

Ahoy from HipChat!

I did a quick check with our Hipchat Data Center/Server Team and, at the moment, our security team is aware of the issues and are currently investigating any potential impact to our products.

As Shannon mentioned, you can check with your IT team to update your infrastructure against these vulnerabilities, but will need to wait for a new release to update the operating system underlying Hipchat. (You can check out this Blog post to get an idea how these patches are applied from an infrastructural perspective.)

Rest assured, we've definitely got our sights on this vulnerability and are making sure we can safeguard our HipChat Data Center/Server customers from any potential risks. :)

With Kind Regards,

--- Ryan Benedict
HipChat Cloud Support

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted yesterday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

72 views 1 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you