Security advisory in Jenkins core

238 views
Skip to first unread message

Kohsuke Kawaguchi

unread,
Nov 20, 2012, 6:14:15 PM11/20/12
to Jenkins advisories
We've identified and fixed several high vulnerabilities in Jenkins core.

This affects all the releases to date:

- mainline release <= 1.490
- LTS release <= 1.466.2

These vulnerabilities are discovered by Soroush Dalili, and we'd like to
thank him.

Please see [1] for more details. Customers of Jenkins Enterprise by
CloudBees and DEV@cloud, please see the corresponding security advisory
by CloudBees [2].

For more information about security advisories and ways to get notified,
please see [3].

[1]
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20
[2]
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb
[3] https://wiki.jenkins-ci.org/display/JENKINS/Security+Advisories
--
Kohsuke Kawaguchi http://kohsuke.org/
Reply all
Reply to author
Forward
0 new messages