Multiple security vulnerabilities in Jenkins 2.393 and earlier, LTS 2.375.3 and earlier

Maheshrvm · March 12, 2023, 6:52am

Hi , I am getting the below warning message in my Jenkins home page. Please help to resolve that warnings.

Jenkins 2.375.1 core and libraries
Multiple security vulnerabilities in Jenkins 2.393 and earlier, LTS 2.375.3 and earlier
A fix for this issue is available. Go to the plugin manager to update the plugin.

halkeye · March 12, 2023, 7:05am

and? This isn’t a question. It’s just a statement.

2.375.1 is not the latest version of the 2.375 line.

NotMyFault · March 12, 2023, 9:18am

You linked the security advisory containing the steps what to do. I recommend taking a look at it.
The security advisory notes how to mitigate the warnings.

Maheshrvm · March 12, 2023, 9:29am

Gotcha. Need to follow below.

Fix

Jenkins weekly should be updated to version 2.394
Jenkins LTS should be updated to version 2.375.4 or 2.387.1
update-center2 should be updated to version 3.15

Maheshrvm · March 12, 2023, 9:59am

Btw I dont see the version more than 2.375.3 . Wondering how to upgrade to Jenkins LTS should be updated to version 2.375.4 or 2.387.1 as these are the fixes.

NotMyFault · March 12, 2023, 10:44am

Once chore(deps): bump lts to 2.387.1 by jenkins-dependency-updater[bot] · Pull Request #812 · jenkinsci/helm-charts · GitHub is merged and released, update the helm repository.

Maheshrvm · March 12, 2023, 11:23am

Thank much. It helped.!!

Topic		Replies	Views
Jenkins version 2.375.4 Ask a question	3	581	March 28, 2023
Is Jenkins@2.332.2 and Jenkins@2.332.3 supported/patched? Using Jenkins	1	510	December 1, 2022
Jenkins Warnings Using Jenkins	3	884	March 28, 2023
Deprecated plugins and warning messages in Jenkins GUI Using Jenkins	11	1687	March 2, 2023
Vulnerabilities on Jenkins LTS 2.401.1 Ask a question question , docker	5	1003	August 8, 2023

Multiple security vulnerabilities in Jenkins 2.393 and earlier, LTS 2.375.3 and earlier

Fix

Related topics