Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 522
Alerts This Week
Warning Icon 1 522

Fedora: Security Update for Jenkins-Remoting Critical Bugs

fedora
Calendar Grey March 17, 2016
Dist Fedora Esm H88
Important Fedora enhancement for jenkins-remote addressing several vulnerabilities, promoting enhanced functionality and security.
Fixes CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, and possible NoClassDefFoundError: org/codehaus/stax2/XMLInputFactory2 exception bug.

Summary

This package is primarily used by Jenkins for slave node management,

but it could be potentially reused outside of this project.

Update Information:

Fixes CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, and possible NoClassDefFoundError: org/codehaus/stax2/XMLInputFactory2 exception bug.

Change Log

References


[ 1 ] Bug #1311950 - CVE-2016-0792 jenkins: Remote code execution through remote API (SECURITY-247) https://bugzilla.redhat.com/show_bug.cgi?id=1311950

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update jenkins-remoting' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: jenkins-remoting
Product: Fedora 23
Version: 2.53.3
Release: 1.fc23
Summary: Jenkins remoting module

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.