Описание
Jenkins Subversion Partial Release Manager Plugin programmatically disables the fix for CVE-2016-3721
Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically sets the Java system property hudson.model.ParametersAction.keepUndefinedParameters whenever a build is triggered from a release tag with the 'Svn-Partial Release Manager' SCM. Doing so disables the fix for SECURITY-170 / CVE-2016-3721.
As of publication of this advisory, there is no fix.
Пакеты
org.jenkins-ci.plugins:partial-release-manager
<= 1.0.1
Отсутствует
Связанные уязвимости
Jenkins Subversion Partial Release Manager Plugin 1.0.1 and earlier programmatically disables the fix for CVE-2016-3721 whenever a build is triggered from a release tag, by setting the Java system property 'hudson.model.ParametersAction.keepUndefinedParameters'.