2.44-r0 release

This release contains important security fixes:
  - Use of AES ECB block cipher mode without IV for encrypting secrets (SECURITY-304 / CVE-2017-2598)
  - Items could be created with same name as existing item (SECURITY-321 / CVE-2017-2599)
  - Node monitor data could be viewed by low privilege users (SECURITY-343 / CVE-2017-2600)
  - Possible cross-site scripting vulnerability in jQuery bundled with timeline widget (SECURITY-349 / CVE-2011-4969)
  - Persisted cross-site scripting vulnerability in parameter names and descriptions (SECURITY-353 / CVE-2017-2601)
  - Outdated jbcrypt version bundled with Jenkins (SECURITY-354 / CVE-2015-0886)
  - Pipeline metadata files not blacklisted in agent-to-master security subsystem (SECURITY-358 / CVE-2017-2602)
  - User data leak in disconnected agents' config.xml API (SECURITY-362 / CVE-2017-2603)
  - Low privilege users were able to act on administrative monitors (SECURITY-371 / CVE-2017-2604)
  - Re-key admin monitor leaves behind unencrypted credentials in upgraded installations (SECURITY-376 / CVE-2017-2605)
  - Internal API allowed access to item names that should not be visible (SECURITY-380 / CVE-2017-2606)
  - Persisted cross-site scripting vulnerability in console notes (SECURITY-382 / CVE-2017-2607)
  - XStream remote code execution vulnerability (SECURITY-383 / CVE-2017-2608)
  - Information disclosure vulnerability in search suggestions (SECURITY-385 / CVE-2017-2609)
  - Persisted cross-site scripting vulnerability in search suggestions (SECURITY-388 / CVE-2017-2610)
  - Insufficient permission check for periodic processes (SECURITY-389 / CVE-2017-2611)
  - Low privilege users were able to override JDK download credentials (SECURITY-392 / CVE-2017-2612)
  - User creation CSRF using GET by admins (SECURITY-406 / CVE-2017-2613)
Bitnami Bot
2017-02-02 18:20:26 +00:00
parent 5a7739d161
commit 8bee93b811

@@ -3,7 +3,7 @@ FROM gcr.io/stacksmith-images/minideb:jessie-r8
MAINTAINER Bitnami <containers@bitnami.com>
ENV BITNAMI_APP_NAME=jenkins \
BITNAMI_IMAGE_VERSION=2.43-r0 \
BITNAMI_IMAGE_VERSION=2.44-r0 \
PATH=/opt/bitnami/tomcat/bin:/opt/bitnami/git/bin:/opt/bitnami/java/bin:$PATH
# Additional modules required
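
Review bot: the base image named in this hunk's header context, "FROM gcr.io/stacksmith-images/minideb:jessie-r8", is referenced by tag only, so a rebuild of this security release pulls whatever that tag points to at build time. Consider pinning the base image by digest alongside the tag so that the image labelled BITNAMI_IMAGE_VERSION=2.44-r0 is reproducible and the only intended change is the Jenkins bump.
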
@@ -12,7 +12,7 @@ RUN bitnami-pkg install tomcat-9.0.0.M17-1 --checksum faf6d4bd2a9ffb3db8f27befe4
RUN bitnami-pkg install git-2.10.1-1 --checksum 454e9eb6fb781c8d492f9937439dcdfc1a931959d948d4c70e79716d2ea51a2b
# Install jenkins
RUN bitnami-pkg unpack jenkins-2.43-0 --checksum 3cba3bf0ece2f8ba8a721f9691bab2654584ddf895b1ab026e9b65b4236338e6
RUN bitnami-pkg unpack jenkins-2.44-0 --checksum 6916ac4034183248e7a27aed6f9322f3b502889857f66df6ffba17ed50aba5cc
COPY rootfs /
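
Review bot: the new --checksum value on the "bitnami-pkg unpack jenkins-2.44-0" line is the only integrity anchor for the Jenkins package, and the commit is authored by Bitnami Bot, so confirm it against the checksum published for jenkins-2.44-0 before merging rather than trusting the value carried in the commit. Separately, the hunk header shows tomcat-9.0.0.M17-1 left unchanged; M17 is a milestone build, and a security release is a good point to check whether a newer Tomcat package should ship with it.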