Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 526
Alerts This Week
Warning Icon 1 526

Fedora: 2016-641c8b4eb2 Moderate: Jenkins Remote Code Execution Update

fedora
Calendar Grey March 17, 2016
Dist Fedora Esm H88
The latest Jenkins update for Fedora 23 resolves several security vulnerabilities and implements necessary improvements. Discover the steps to apply this update.
Fixes CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, and possible NoClassDefFoundError: org/codehaus/stax2/XMLInputFactory2 exception bug.

Summary

Jenkins is an award-winning, cross-platform, continuous integration and

continuous delivery application that increases your productivity. Use

Jenkins to build and test your software projects continuously making it

easier for developers to integrate changes to the project, and making it

easier for users to obtain a fresh build. It also allows you to

continuously deliver your software by providing powerful ways to define

your build pipelines and integrating with a large number of testing and

deployment technologies.

Update Information:

Fixes CVE-2016-0788, CVE-2016-0789, CVE-2016-0790, CVE-2016-0791, CVE-2016-0792, and possible NoClassDefFoundError: org/codehaus/stax2/XMLInputFactory2 exception bug.

Change Log

References


[ 1 ] Bug #1311950 - CVE-2016-0792 jenkins: Remote code execution through remote API (SECURITY-247) https://bugzilla.redhat.com/show_bug.cgi?id=1311950

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update jenkins' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
important
Lowest
Low
Medium
High
Critical

Name: jenkins
Product: Fedora 23
Version: 1.625.3
Release: 3.fc23
Summary: An extendable open source continuous integration server

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.