I’d be willing to take a look at it for you George. Sent from my iPhone
> On Jun 10, 2021, at 11:31 AM, George Joseph <gjos...@sangoma.com> wrote: > > > > You already know about the SSH host key issue related to the upgrade of > Gerrit we did on May 28th. That issue we knew about in advance so we gave > everyone advance notice. Well, we discovered another issue related to SSH > but this one was after the fact... > > We use a Jira plugin to display open Gerrit reviews for issues. This plugin > is quite old and we discovered last Tuesday that it was using SSH Key > Exchange Algorithms (kex) that are also quite old and known to be insecure. > With the Gerrit upgrade, those older kex algorithms were removed so Jira was > no longer able to log into gerrit via ssh and retrieve the reviews. > > So we actually have two issues... First Gerrit really messed up with their > release notes because there was absolutely no mention of the implications of > their upgrading their SSH backend. I've taken that up with them. Second, > the Gerrit plugin for Jira really needs an update but it's not well > maintained and although we could fix it, we're not exactly overstaffed right > now. The Gerrit team did agree to re-enable the older kex algorithms in > their 3.4.1 release but that only helps us in the short term as they will > eventually be deprecated for good. > > So while we should have the integration working again shortly, we're still > not sure what to do in the long term. Would any of you with Java experience > be able to take a look at the jira-gerrit-plugin[1]? It's actually not that > complex but it needs its SSH backend (com.jcraft.jsch) replaced. If any of > you are interested, let me know and I can give you the details. > > [1] https://github.com/MeetMe/jira-gerrit-plugin > > > > > -- > George Joseph > Asterisk Software Developer > direct/fax +1 256 428 6012 > Check us out at www.sangoma.com and www.asterisk.org > <image.png> > -- > _____________________________________________________________________ > -- Bandwidth and Colocation Provided by http://www.api-digital.com -- > > asterisk-dev mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-dev
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
