Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 565
Alerts This Week
Warning Icon 1 565

Fedora 25: 2016-368780879d Critical: Jenkins Remote Code Execution

fedora
Calendar Grey December 1, 2016
Scroller Fedora
Urgent security patch for Fedora 25 released to fix Java deserialization vulnerability in Jenkins remote communication component.
Security fix for CVE-2016-9299

Summary

This package is primarily used by Jenkins for slave node management,

but it could be potentially reused outside of this project.

Update Information:

Security fix for CVE-2016-9299

Change Log

References


[ 1 ] Bug #1395172 - CVE-2016-9299 jenkins: Java deserialization flaw leads to RCE https://bugzilla.redhat.com/show_bug.cgi?id=1395172

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade jenkins-remoting' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: jenkins-remoting
Product: Fedora 25
Version: 2.62.3
Release: 1.fc25
Summary: Jenkins remoting module

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.