Security Advisories
CloudBees Security Advisory2021-08-02
This advisory announces vulnerabilities in
,
and
CloudBees Jenkins Platform
,
and
CloudBees CI
New build step allows users without ADMIN permission remove the CasC bundles
BEE-7205
The Synchronize bundles from workspace with internal storage Freestyle build step is no longer supported
The Synchronize bundles from workspace with internal storage Freestyle build step is not supported for new jobs. For existing jobs, the build step is present, but is non-functional.
Note
Warning
Severity
- BEE-7205: Low
Fix
- CloudBees Traditional Platforms should be upgraded 2.289.3.2 rev2
- CloudBees Cloud Platforms should be upgraded 2.289.3.2 rev2
- CloudBees Jenkins Enterprise should be upgraded the Managed Masters and Operations Center to 2.289.3.2 rev2
- CloudBees Jenkins Platform (rolling train, CJP Operations Center and CJP Client Master (2.x.y.z) should be upgraded to version 2.289.3.2 rev2
Subscribe to
security alerts
Get notified automatically when new vulnerabilities are disclosed.
Subscription confirmed
You'll now be notified automatically when new vulnerabilities are disclosed