Status: Closed
Resolution: Cannot Reproduce
jenkins-slave = https://github.com/folio-org/folio-tools/blob/master/jenkins-slave-docker/Dockerfile.focal-java-11
This is based on Ubuntu Focal, which is vulnerable to Local Privilege Escalation in polkit's pkexec. Focal with a fix has been released: https://ubuntu.com/security/CVE-2021-4034
However, the container that FOLIO uses doesn't install the polkit package (policykit-1). Running cd /; find -name 'pkexec' doesn't find the vulnerable binary.
Therefore jenkins-slave is not affected.
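
The check described above, extended into a reusable audit as an added example (not part of the original ticket or of FOLIO's tooling): besides searching for the binary, it reports setuid copies and reads the dpkg status file for policykit-1. The function names are hypothetical, and ROOT is assumed to be either / inside the container or the directory of an unpacked image.

```shell
#!/bin/sh
# Added example (not FOLIO's code): audit a filesystem tree for polkit's pkexec.
# ROOT is / inside a running container, or the directory of an unpacked image.

# Every regular file named pkexec under ROOT. -xdev keeps find on ROOT's
# filesystem, so /proc and /sys are skipped (and so are mounted volumes).
list_pkexec() {
    find "${1:-/}" -xdev -type f -name pkexec 2>/dev/null
}

# Only the copies that carry the setuid bit.
list_setuid_pkexec() {
    find "${1:-/}" -xdev -type f -name pkexec -perm -4000 2>/dev/null
}

# True if ROOT's dpkg database records policykit-1 as installed. Reads the
# status file directly, so it also works where dpkg itself is not available.
polkit_pkg_installed() {
    db="${1:-/}/var/lib/dpkg/status"
    [ -f "$db" ] || return 1
    awk 'BEGIN { RS = ""; FS = "\n" }
         { pkg = 0; inst = 0
           for (i = 1; i <= NF; i++) {
               if ($i == "Package: policykit-1") pkg = 1
               if ($i ~ /^Status: .* installed$/) inst = 1
           }
           if (pkg && inst) hit = 1 }
         END { exit !hit }' "$db"
}

# Print findings; return 0 when the tree has neither the binary nor the package.
audit_pkexec() {
    root="${1:-/}"; rc=0
    bins=$(list_pkexec "$root")
    if [ -n "$bins" ]; then
        echo "pkexec found:"; echo "$bins"
        echo "setuid copies:"; list_setuid_pkexec "$root"
        rc=1
    fi
    if polkit_pkg_installed "$root"; then
        echo "policykit-1 is installed"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "no pkexec and no policykit-1 under $root"; fi
    return "$rc"
}
```

Source the file and call `audit_pkexec /` inside the container; a non-zero return means polkit is present and the installed package version should be compared with the fixed version in the Ubuntu advisory.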
- relates to
FOLIO-3402 folioci/alpine-jre-openjdk11 not affected by polkit (CVE-2021-4034)