(RHSA-2019:3144) Important: OpenShift Container Platform 3.11 jenkins security update

2019-10-1801:30:41

access.redhat.com

112

0.001 Low

EPSS

Percentile

50.6%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by CRON.

This advisory contains the updated jenkins RPM package for Red Hat OpenShift Container Platform 3.11.

Security Fix(es):

jenkins: CSRF protection tokens for anonymous users did not expire in some circumstances (CVE-2019-10384)
jenkins: stored cross-site scripting in update center web pages (CVE-2019-10383)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchjenkins< 2.176.3.1569349414-1.el7jenkins-2.176.3.1569349414-1.el7.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	jenkins	< 2.176.3.1569349414-1.el7	jenkins-2.176.3.1569349414-1.el7.noarch.rpm

0.001 Low

EPSS

Percentile

50.6%

JSON

Related for RHSA-2019:3144