We just released security updates to Jenkins, versions 2.121 and 2.107.3, that fix multiple security vulnerabilities.

Additionally, we announce previously published security issues and corresponding fixes in these plugins:

For an overview of what was fixed, see the security advisory. For an overview on the possible impact of these changes on upgrading Jenkins LTS, see our LTS upgrade guide.

Subscribe to the jenkinsci-advisories mailing list to receive important notifications related to Jenkins security.

About the Author
Daniel Beck

Daniel is a Jenkins core maintainer and, as security officer, leads the Jenkins security team. He sometimes contributes to developer documentation and project infrastructure.