Google Groups

Security advisory in Jenkins Core


Kohsuke Kawaguchi Jan 10, 2012 11:52 PM
Posted in group: Jenkins Advisories
We've identified and fixed a medium security vulnerability in Jenkins
Core, which is commonly known as "hash DoS attack".

This affects all the releases up to 1.446 and up to 1.424.1.
The fix is released as 1.447 and 1.424.2, so please upgrade to the new
releases, especially if your Jenkins is internet facing. See [1] for
more details.

[1]
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-01-10.cb
--
Kohsuke Kawaguchi                          http://kohsuke.org/