Emergency Maintenance regarding haproxy & http2 - CVE-2020-11100

Scheduled Maintenance Report for amazee.io

Completed

A critical security vulnerability has been discovered and reported affecting HTTP2 of haproxy: https://access.redhat.com/security/vulnerabilities/haproxy. There is currently no patch available for this. Therefore we disabled HTTP2 on haproxy in order to mitigate any exploitation of this vulnerability.

As soon as RedHat has released a security patch for OpenShift and haproxy we will patch haproxy and enable HTTP2 again.
Posted Apr 03, 2020 - 21:35 UTC

In progress

Scheduled maintenance is currently in progress. We will provide updates as necessary.
Posted Apr 03, 2020 - 19:46 UTC

Scheduled

We are conducting emergency maintenance on the OpenShift Cluster, we're expecting very short (5-10 second) outages of the production sites during this time.
Posted Apr 03, 2020 - 13:56 UTC
This scheduled maintenance affected: General (Lagoon API, Deployment Infrastructure, Lagoon Dashboard, Lagoon Logs (Kibana)).