We just released security updates to Jenkins, versions 2.44 and 2.32.2, that fix a high severity and several medium and low severity issues.
For an overview of what was fixed, see the security advisory. For an overview on the possible impact of these changes on upgrading Jenkins LTS, see our LTS upgrade guide. I strongly recommend you read these documents, as there are a few possible side effects of these fixes.
Subscribe to the jenkinsci-advisories mailing list to receive important notifications related to Jenkins security.
|
Daniel Beck
Daniel is a Jenkins core maintainer and, as security officer, leads the Jenkins security team. He sometimes contributes to developer documentation and project infrastructure. |