(RHSA-2019:3144) Important: OpenShift Container Platform 3.11 jenkins security update

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a software project or jobs run by CRON.

This advisory contains the updated jenkins RPM package for Red Hat OpenShift Container Platform 3.11.

Security Fix(es):

• jenkins: CSRF protection tokens for anonymous users did not expire in some circumstances (CVE-2019-10384)

• jenkins: stored cross-site scripting in update center web pages (CVE-2019-10383)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.