---

ASA-202111-1 - log back

ASA-202111-1 edited at 09 Nov 2021 14:16:49

Workaround

- If you are unable to immediately upgrade to Jenkins 2.319 right away, you can install the Remoting Security Workaround Plugin. It will prevent all agent-to-controller file access using FilePath APIs. Because it is more restrictive than Jenkins 2.319, more plugins are incompatible with it. Make sure to read the plugin documentation before installing it. + If you are unable to immediately upgrade to Jenkins 2.319 right away, + you can install the Remoting Security Workaround Plugin. It will + prevent all agent-to-controller file access using FilePath APIs. + Because it is more restrictive than Jenkins 2.319, more plugins are + incompatible with it. Make sure to read the plugin documentation before + installing it.

ASA-202111-1 edited at 05 Nov 2021 11:28:21
Workaround	+ If you are unable to immediately upgrade to Jenkins 2.319 right away, you can install the Remoting Security Workaround Plugin. It will prevent all agent-to-controller file access using FilePath APIs. Because it is more restrictive than Jenkins 2.319, more plugins are incompatible with it. Make sure to read the plugin documentation before installing it.
Impact	+ Agent processes could read and write arbitrary files on the Jenkins controller file system, and obtain some information about Jenkins controller file systems.

ASA-202111-1 created at 05 Nov 2021 11:26:51