The script in the original version of the blog post linked below did not resolve the problem completely. If you've already installed that script, please update it.
We may continue to update the blog post and the GitHub repository with the script as needed, so keep an eye on these for updates: * https://github.com/jenkinsci-cert/SECURITY-218 * https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli On 07.11.2015, at 02:32, Daniel Beck <m...@beckweb.net> wrote: > We've received a number of reports of a 0-day exploit published today that > attacks Jenkins instances through the CLI. > > Please see this blog post for more information, including a workaround to > protect vulnerable instances: > https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli -- You received this message because you are subscribed to the Google Groups "Jenkins Advisories" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-advisories+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.