Atlassian has acknowledged the security vulnerabilities and, as of last week, has begun implementing patches to AWS Linux and other OSs. Has anyone heard of a more recent status/progress or milestones? I have not received a response to any followups.
In regards to the current impact of Spectre and Meltdown, as our applications are hosted under the AWS services, you can see the following statement:
The vulnerability is expected to be patched via an incoming kernel update that will be announced for Ubuntu (Ubuntu Security Announcement) Also, our persistence tiers run as managed AWS services, so those have either already been upgraded transparently or will be updated during their next maintenance windows.
If you have any questions or need any further assistance, please just respond back to this thread.
The answer I gave previously is for our Cloud products.
If you're hosting HipChat on your own servers, then you will need to speak to your IT team in order to assess your environment for any risks.
Have a look at this blog post:
If you are running Atlassian Server or Data Center products, we recommend assessing your own IT environment for risks associated with these vulnerabilities. This includes browsers, operating systems and virtual computing infrastructure.
Let me know if you have any questions.
Ahoy from HipChat!
I did a quick check with our Hipchat Data Center/Server Team and, at the moment, our security team is aware of the issues and are currently investigating any potential impact to our products.
As Shannon mentioned, you can check with your IT team to update your infrastructure against these vulnerabilities, but will need to wait for a new release to update the operating system underlying Hipchat. (You can check out this Blog post to get an idea how these patches are applied from an infrastructural perspective.)
Rest assured, we've definitely got our sights on this vulnerability and are making sure we can safeguard our HipChat Data Center/Server customers from any potential risks. :)
With Kind Regards,
--- Ryan Benedict
HipChat Cloud Support
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs