Advisories ยป MGASA-2016-0162

Updated jenkins-remoting packages fix CVE-2016-0792

Publication date: 05 May 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0792

Description

Updated jenkins-remoting packages fix security vulnerability:

Jenkins has several API endpoints that allow low-privilege users to POST 
XML files that then get deserialized by Jenkins. Maliciously crafted XML 
files sent to these API endpoints could result in arbitrary code execution.
(SECURITY-247 / CVE-2016-0792)
                

References

SRPMS

5/core