TeamCity 10.0.3 (build 42434) and RHEL patch question Follow
Hello! New to TeamCity and we need to install a security patch from Red Hat (Stack Guard Page Circumvention Affecting Multiple Packages, CVE-2017-1000364 and CVE-2017-1000366).
Sys admins who will be doing the patching want to make sure it won't break the TeamCity install. We have 10.0.3 build 42434).
Is this documented somewhere for 10.0.3?
Thank you!
Please sign in to leave a comment.
Hello,
I'll repeat my answer in this support channel too, so that others could see it:
Although we did not have a chance to run TeamCity on RHEL with these patches installed (internally, at JetBrains we don't use RHEL), there is a good chance that they won't affect TeamCity anyhow. TeamCity runs inside JVM, and if JVM was affected, most likely RedHat would know about it as they have their own Java server products. So it seems reasonabel to expect that they checked how security patches work with Java programs, before publishing the patches publicly.
As a precaution, you can also try to run TeamCity professional on some other Linux machine with these patches installed. Seems it is enough to check that server starts and works as expected. Most likely there will be no problems.
Thank you Pavel. The Linux patches were installed, but now we're just getting a default Apache page to load rather than TC.
http://ws-chausie.quinnipiac.edu
Can you provide any insight?
Thank you
Doug
Our systems group did a full restore of the server with TeamCity, and we're still getting an Apache default loading page, and not sure why. Unfortunately, this was setup by a consulting firm that we're no longer engaged with, so looking for some assistance.
I am out of the office today. You'll be contacted by Jay Munro in my absence. If you can reach out to him, his email address is jayson.munro@quinnipiac.edu
Thank you
So how this Apache default page looks like in your case? Maybe attach some screenshot?
If you browse to the URL I provided above (http://ws-chausie.quinnipiac.edu) you'll see it. Thanks!
Ok, so this page is generated by some Apache server which is not a part of TeamCity distribution. Seems like it was installed to act as an HTTP proxy in front of the TeamCity server. But so far it does not look like the problem is TeamCity related.