What’s going on with JIRA?

Nevin · 2021-01-02T19:01:16.594Z

Not sure which category to post this in…

I just got around a dozen JIRA notifications, all at the same timestamp, showing that “Admin” had made changes to some of my bug reports. Many were “closed as duplicate” without any indication what they were allegedly duplicates of. Some were then immediately reopened.

On the actual issue pages, the changes are attributed to “bad123bb123”, rather than “Admin” as shown in the notification. A comment on JIRA by @Nicole_Jacque indicates this was widespread and possibly malicious, and that the admins are working to rectify the situation.

So I’m wondering if it’s better for me to leave these issues alone and wait for an automated fix, or if I should manually reopen them?

xanderdunn · 2021-01-02T19:18:03.302Z

Same issue here. Looks like something has gone rogue on the Swift issue tracker. All issues are being marked Cosed as duplicate. Every issue I've created or am watching has been closed as duplicate. Best to wait until we hear from the admins about the resolution of the problem. They might even need to restore the issue tracker from a backup.

Keith · 2021-01-02T20:26:32.487Z

Disabled creating new users on bugs.swift.org until Jan 5th Announcements

We have disabled new user sign up until Jan 5th 2021 due to multiple new users misusing the service.

mozeryansky · 2021-01-02T20:26:51.223Z

I came here looking for this same answer. User now named "bad123bb123" closed all my tickets with duplicate. That same user 1hr later reopened a couple of my tickets. My emails showed them named "Admin" and their icon changed from when my tickets were closed to when a couple of them were reopened.

Palle · 2021-01-02T20:34:33.243Z

Basically every one of my issues was in some form modified by this malicious user. Cleaning that up would take some time.

Would reverting to a backup from before bad123bb123 went havoc be an option?

SDGGiesbrecht · 2021-01-02T21:22:59.061Z

I’m another person waiting for a clear answer to this:

Nevin:

So I’m wondering if it’s better for me to leave these issues alone and wait for an automated fix, or if I should manually reopen them?

I have kept all the nefarious notifications I received to serve as a list of what was broken, but I have not attempted to put anything back together, and I will not do so until I hear word.

mishal_shah · 2021-01-02T22:04:31.152Z

We are looking into a few options on reverting these changes. For now, please hold off from reverting changes manually if possible. Currently, I don't have a timeline when these changes will be reverted by but will keep you updated.

davedelong · 2021-01-02T23:44:29.524Z

Thank you so much for looking into this on a weekend!

dive · 2021-01-03T11:27:08.747Z

I see that some issues were reopened, but some are not. Shall we reopen the remaining ones or, perhaps, we can list them in this thread?

xwu · 2021-01-03T14:09:44.135Z

Please see the above:

mishal_shah:

For now, please hold off from reverting changes manually if possible. Currently, I don't have a timeline when these changes will be reverted by but will keep you updated.

mishal_shah · 2021-01-03T19:45:22.932Z

All of the issues should be reverted back to the earlier state, however if you see any issues which were missed please directly message me. Sorry for the inconvenience!

xwu · 2021-01-03T19:55:52.525Z

Thanks for the timely efforts! I've messaged you with some examples where things weren't completely reverted, likely because the malicious actor did some partial undoing perhaps to escape detection.

mishal_shah · 2021-01-03T20:05:52.509Z

Thanks @xwu and @jder I will look into issue you two pointed out. Currently, I don't have a timeline when these other changes will be reverted by but will keep you updated.

Done:
In Progress -> Closed (by malicious actor)
Open -> Closed (by malicious actor)

Looking into:
Resolved -> Reopened (by malicious actor)
Closed -> Reopened (by malicious actor)

xwu · 2021-01-03T20:46:39.120Z

Is it conceivable that the malicious actor could have also altered other data in bugs without closing or reopening them at all?

mishal_shah · 2021-01-04T03:25:19.284Z

Bugs.swift.org is offline for maintenance Announcements

To avoid any additional changes being made on JIRA while we are looking into reverting unwanted changes, bugs.swift.org will be unavailable until further notice.

Lily_Ballard · 2021-01-04T23:03:22.197Z

A bunch of my tickets had their component changed to "Compiler" as well. I can't verify the current state right now as I'm getting "Service Temporarily Unavailable", but that's not mentioned in your list of Done or Looking Into.

mishal_shah · 2021-01-05T01:20:13.459Z

Bugs.swift.org is offline for maintenance Announcements

bugs.swift.org is back online! We have restored bugs.swift.org from Jan 1st 2021 at 1AM CST to remove unwanted changes from JIRA. Unfortunately, if you had filed/updated bugs between Jan 1st and now you will have to re-file/update the bugs. Sorry for the inconvenience this has caused the community. We are looking into options to avoid this in the future.

Thanks everyone for your help!

xwu · 2021-01-05T02:01:12.583Z

from Jan 1st 2020 at 1AM CST

@mishal_shah ...from Jan 1, 2021?

mishal_shah · 2021-01-05T02:24:24.064Z

Correct, Jan 1st, 2021

tahirmt · 2021-01-07T04:03:45.685Z

When will the sign ups be resumed? Any way to sign up right now?