Resolved Bugs
1205637 – CVE-2015-1806 CVE-2015-1807 CVE-2015-1813 CVE-2015-1812 CVE-2015-1811 CVE-2015-1810 CVE-2015-1808 CVE-2015-1809 CVE-2015-1814 jenkins: various flaws [fedora-all]
1205615 – CVE-2015-1812 CVE-2015-1813 jenkins: Reflective XSS vulnerability (SECURITY-171, SECURITY-177)
1205616 – CVE-2015-1814 jenkins: forced API token change (SECURITY-180)
1205620 – CVE-2015-1806 jenkins: Combination filter Groovy script unsecured (SECURITY-125)
1205622 – CVE-2015-1807 jenkins: directory traversal from artifacts via symlink (SECURITY-162)
1205623 – CVE-2015-1808 jenkins: update center metadata retrieval DoS attack (SECURITY-163)
1205625 – CVE-2015-1809 jenkins: external entity injection via XPath (SECURITY-165)
1205627 – CVE-2015-1810 jenkins: HudsonPrivateSecurityRealm allows creation of reserved names (SECURITY-166)
1205632 – CVE-2015-1811 jenkins: External entity processing in XML can reveal sensitive local files (SECURITY-167)<br
Security fix for CVE-2015-1806, CVE-2015-1807, CVE-2015-1813, CVE-2015-1812, CVE-2015-1810, CVE-2015-1808, CVE-2015-1809, CVE-2015-1814, CVE-2015-1811