Updated jenkins-remoting packages fix CVE-2016-0792
Publication date: 05 May 2016Modification date: 05 May 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0792
Description
Updated jenkins-remoting packages fix security vulnerability: Jenkins has several API endpoints that allow low-privilege users to POST XML files that then get deserialized by Jenkins. Maliciously crafted XML files sent to these API endpoints could result in arbitrary code execution. (SECURITY-247 / CVE-2016-0792)
References
SRPMS
5/core
- jenkins-remoting-2.53.3-1.mga5