security update in Fedora 23 for jenkins

Status: stable 3 years ago

Security fix for CVE-2016-3721, CVE-2016-3722, CVE-2016-3723, CVE-2016-3724, CVE-2016-3725, CVE-2016-3726, CVE-2016-3727

How to install

sudo dnf upgrade --advisory=FEDORA-2016-9ba53cf8a2

Comments 5

This update has been submitted for testing by msrb.

This update has been pushed to testing.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by msrb.

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
Test Gating
Submitted by
Update Type
Update Severity
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Autopush (time)
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago

Related Bugs 8

00 #1335415 CVE-2016-3721 jenkins: Arbitrary build parameters are passed to build scripts as environment variables (SECURITY-170)
00 #1335416 CVE-2016-3722 jenkins: Malicious users with multiple user accounts can prevent other users from logging in (SECURITY-243)
00 #1335417 CVE-2016-3723 jenkins: Information on installed plugins exposed via API (SECURITY-250)
00 #1335418 CVE-2016-3724 jenkins: Encrypted secrets (e.g. passwords) were leaked to users with permission to read configuration (SECURITY-266)
00 #1335420 CVE-2016-3725 jenkins: Regular users can trigger download of update site metadata (SECURITY-273)
00 #1335421 CVE-2016-3726 jenkins: Open redirect to scheme-relative URLs (SECURITY-276)
00 #1335422 CVE-2016-3727 jenkins: Granting the permission to read node configurations allows access to overall system configuration (SECURITY-281)
00 #1335427 CVE-2016-3721 CVE-2016-3722 CVE-2016-3723 CVE-2016-3724 CVE-2016-3725 CVE-2016-3726 CVE-2016-3727 jenkins: various flaws [fedora-all]

Automated Test Results