Friday, November 18, 2016

Security Release: Jenkins 2.19.3 (CVE-2016-9299)

he Jenkins project hast just released a new update that fixes a zero-day vulnerability that allow unauthenticated remote code execution. It is considered critical as it allows to execute code to unprivileged users.

We released new versions of Bitnami Jenkins 2.19.3 installersvirtual machines and cloud images that fix the security issue.

More information about the issue can be found in the official blog post.

Do you already have a Jenkins installation? You can follow our guide about how to upgrade your application and you won't have to worry about these vulnerabilities.

If you have further questions about Bitnami Jenkins or this security issue, please post to our community forum, and we will be happy to help.