As you are aware, we do provide some test environments for OpenMRS. https://wiki.openmrs.org/display/ISM/OpenMRS+environments
Apparently not all of them were patched to address Critical Security Advisory CVE-2018-19276: 2019-02-04
So, can I ask the owner to please patch it?
- @pkornowski or @alalo, can you confirm that both sync and sync-legacy servers have that patch for REST module?
- @darius or @ball, can you please update the ebola distro to have that patch?
@dkayiwa, we probably need to update our release process to ensure that mdsbuilder (platform), qa/modules/uat/demo servers are regularly upgraded after a release. Where’s the best place to change the documentation?