Current status on Meltdown & Spectre Patches?

Atlassian has acknowledged the security vulnerabilities and, as of last week, has begun implementing patches to AWS Linux and other OSs.  Has anyone heard of a more recent status/progress or milestones?  I have not received a response to any followups.    

3 answers

1 vote

Hi Christopher,

In regards to the current impact of Spectre and Meltdown, as our applications are hosted under the AWS services, you can see the following statement:

The vulnerability is expected to be patched via an incoming kernel update that will be announced for Ubuntu (Ubuntu Security Announcement) Also, our persistence tiers run as managed AWS services, so those have either already been upgraded transparently or will be updated during their next maintenance windows.

If you have any questions or need any further assistance, please just respond back to this thread.

Regards,

Shannon

Thank you Shannon.  

Hi what about on premise hipchat appliance?

Hi there,

The answer I gave previously is for our Cloud products.

If you're hosting HipChat on your own servers, then you will need to speak to your IT team in order to assess your environment for any risks.

Have a look at this blog post:

If you are running Atlassian Server or Data Center products, we recommend assessing your own IT environment for risks associated with these vulnerabilities. This includes browsers, operating systems and virtual computing infrastructure. 

Let me know if you have any questions.

Regards,

Shannon

Ahoy from HipChat!

I did a quick check with our Hipchat Data Center/Server Team and, at the moment, our security team is aware of the issues and are currently investigating any potential impact to our products.

As Shannon mentioned, you can check with your IT team to update your infrastructure against these vulnerabilities, but will need to wait for a new release to update the operating system underlying Hipchat. (You can check out this Blog post to get an idea how these patches are applied from an infrastructural perspective.)

Rest assured, we've definitely got our sights on this vulnerability and are making sure we can safeguard our HipChat Data Center/Server customers from any potential risks. :)

With Kind Regards,

--- Ryan Benedict
HipChat Cloud Support

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted Sep 18, 2018 in Jira

What modern development practices are at the heart of how your team delivers software?

Hey Community mates! Claire here from the Software Product Marketing team. We all know software development changes rapidly, and it's often tough to keep up. But from our research, we've found the h...

22,610 views 2 7
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you