Security advisory in Jenkins core / violations plugin / CI game plugin

280 views
Skip to first unread message

Kohsuke Kawaguchi

unread,
Sep 17, 2012, 2:17:48 PM9/17/12
to Jenkins advisories

We've identified and fixed several critical and high vulnerabilities in
Jenkins core, the violations plugin, and the CI game plugin.

This affects all the releases of them to date:

- mainline release <= 1.481
- all LTS releases <= 1.466.1
- violations plugin <= 0.7.10
- CI game plugin <= 1.19

Please see [1] for details. Customers of Jenkins Enterprise by CloudBees
and DEV@cloud, please see the corresponding security advisory by
CloudBees [2].

For more information about security advisories and ways to get notified,
please see [3].


[1]
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-09-17
[2]
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
[3] https://wiki.jenkins-ci.org/display/JENKINS/Security+Advisories
--
Kohsuke Kawaguchi | CloudBees, Inc. | http://cloudbees.com/
Try Nectar, our professional version of Jenkins
Reply all
Reply to author
Forward
0 new messages