Jenkins security advisory pre-announcement

There will be an update made to our Jenkins instance today at short
notice, so tests will probably stop running for ~30 minutes and a quick
restart will follow.

I'll mention on #theforeman-dev when this begins and Jenkins will show a
red banner when the queue is paused.


··· -- Dominic Cleal Red Hat Engineering

-------- Forwarded Message --------
Subject: Security advisory pre-announcement
Date: Fri, 20 Mar 2015 16:26:48 -0700
From: Kohsuke Kawaguchi
To: Jenkins advisories

Based on feedback from users, I’m trying out a change in the security
advisory process. Specifically, this is a pre-announcement of an
upcoming security advisory.

We are planning to push out new releases Monday March 23rd 2015. These
releases (1.606 and 1.596.2) will contain a fix to a critical security
issue found in current versions of Jenkins. All the versions known to
date (<=1.605 and <=1.596.1) are affected by this vulnerability.

This is a very important security fix, so please be prepared to update
your Jenkins installation Monday. The security advisory will be issued
Monday to provide further information about the problem.

Kohsuke Kawaguchi

You received this message because you are subscribed to the Google
Groups “Jenkins Advisories” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to
For more options, visit