A recent CVE was published for the BlueOcean plugin being vulnerable to a
low effort CSRF attack that could disclose github credentials
I have redeployed all Jenkins servers with an updated docker images that
contains a fixed version of BlueOcean.
The changes were minimal and should not be disruptive, but please let me
know if you experience any problems.
Kelley Spoon <kelley.spoon(a)linaro.org>