RHSA-2016:0711High
Red Hat Security Advisory: jenkins security update
🔗 CVE IDs covered (5)
📋 Description
CVE-2016-0788 — jenkins: Remote code execution vulnerability in remoting module (SECURITY-232) CVE-2016-0789 — jenkins: HTTP response splitting vulnerability (SECURITY-238) CVE-2016-0790 — jenkins: Non-constant time comparison of API token (SECURITY-241) CVE-2016-0791 — jenkins: Non-constant time comparison of CSRF crumbs (SECURITY-245) CVE-2016-0792 — jenkins: Remote code execution through remote API (SECURITY-247)
🔗 References (11)
- selfhttps://access.redhat.com/errata/RHSA-2016:0711
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
- externalhttps://jenkins.io/changelog-stable/#v1.642.2
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1311946
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1311947
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1311948
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1311949
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1311950
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1324664
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0711.json