Jenkins is an open source automation server which enables developers around the world to reliably build, test, and deploy their software.
The following releases contain fixes for security vulnerabilities:
- Jenkins 2.287
- Jenkins LTS 2.277.2
- Micro Focus Application Automation Tools Plugin 6.8
- promoted builds Plugin 3.9.1
Summaries of the vulnerabilities are below. More details, severity, and attribution can be found here:
We run the previous LTS (2.263.x). The next LTS has a couple of highlighted changes:
- Configuration page should change from <table> to <div>.
- Plugins should be upgraded ahead of the upgrade, notably the LDAP one
So it is not entirely trivial