Jenkins security advisory pre-announcement
191 views
Skip to first unread message
Daniel Beck
Aug 6, 2020, 8:51:02 AM8/6/20
to Jenkins Advisories
The Jenkins project plans to publish new Jenkins releases (weekly and LTS 2.235.4) on Wednesday, August 12. These updates will contain fixes for security issues present in current versions of Jenkins. The highest severity is "High". The security advisory will be issued at the same time to provide further information.
If you are currently using Jenkins LTS 2.235.2 or older installed from our Debian or Red Hat package repositories, we recommend updating to 2.235.3 now to ensure you're set up to apply the 2.235.4 update. See https://www.jenkins.io/doc/upgrade-guide/2.235/#repository-signing-key-update for details.
If you are currently using Jenkins LTS 2.235.2 or older installed from our Debian or Red Hat package repositories, we recommend updating to 2.235.3 now to ensure you're set up to apply the 2.235.4 update. See https://www.jenkins.io/doc/upgrade-guide/2.235/#repository-signing-key-update for details.
Daniel Beck
Aug 14, 2020, 10:26:47 AM8/14/20
to Jenkins Advisories
The Jenkins project plans to publish a new Jenkins LTS release (2.235.5) next week (week of August 17). This update will contain a fix for a security issue present in the current version of Jenkins LTS. The severity is "Critical". The security advisory will be issued at the same time to provide further information. We plan to publish the release as soon as it's ready, so we are unable to provide an exact release date beforehand.
The current release of Jenkins (weekly) is unaffected by this issue.
The current release of Jenkins (weekly) is unaffected by this issue.
Reply all
Reply to author
Forward
0 new messages