616684 – (CVE-2017-1000356) <dev-util/jenkins-bin-{2.46.2, 2.57}: Multiple Vulnerabilities

Bug 616684 (CVE-2017-1000356) - <dev-util/jenkins-bin-{2.46.2, 2.57}: Multiple Vulnerabilities

Summary: <dev-util/jenkins-bin-{2.46.2, 2.57}: Multiple Vulnerabilities

Status:	RESOLVED FIXED

Alias:	CVE-2017-1000356

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High trivial (vote)
Assignee:	Gentoo Security

URL:	https://jenkins.io/security/advisory/...
Whiteboard:	~1 [noglsa/cve]
Keywords:

Depends on:
Blocks:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Oleg Korsak 2017-04-26 20:45:46 UTC

Security issues have been fixed: https://jenkins.io/security/advisory/2017-04-26/

Comment 1 Hans de Graaff gentoo-dev

2017-04-27 05:19:42 UTC

This also affects the "lts" slot.

Fixed versions are now in the tree:

dev-util/jenkins-bin-2.46.2:lts
dev-util/jenkins-bin-2.57

Comment 2 Yury German Gentoo Infrastructure

2017-04-28 05:58:28 UTC

Maintainer(s), please drop the vulnerable version(s).

Comment 3 Hans de Graaff gentoo-dev

2017-04-30 08:41:38 UTC

(In reply to Yury German from comment #2)
> Maintainer(s), please drop the vulnerable version(s).

Done.

Comment 4 Yury German Gentoo Infrastructure

2017-04-30 12:11:58 UTC

Thank you all for you work. 
Closing as [noglsa].