Jenkins Plugin Remote Code Execution Vulnerability Security Advisory

Published: 2019-02-22

Vulnerability IDs and severity

CVE ID: CVE-2019-1003000, risk level: High, CVSS score: 8.8

CVE ID: CVE-2019-1003001, risk level: High, CVSS score: 8.8

CVE ID: CVE-2019-1003002, risk level: High, CVSS score: 8.8

Affected scope

Affected versions:

Pipeline: Declarative Plugin 1.3.4 and earlier

Pipeline: Groovy Plugin 2.61 and earlier

Script Security Plugin 1.49 and earlier

Vulnerability overview

CloudBees Jenkins (formerly Hudson Labs) is a Java-based continuous integration tool from the US company CloudBees; it is mainly used to monitor and run recurring, repetitive jobs.

On January 8, 2019, Jenkins published a security advisory whose updates fixed sandbox-bypass remote code execution vulnerabilities in the Script Security plugin and the Pipeline plugins. The vulnerabilities were assigned CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy) and CVE-2019-1003002 (Pipeline: Declarative).

CVE-2019-1003000

Script Security is a plugin used to check the security of scripts.

The file src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.jav in CloudBees Script Security Plugin 2.49 and earlier contains a security vulnerability. An attacker can use this vulnerability to execute arbitrary code in the Jenkins master JVM.

CVE-2019-1003001

Pipeline: Groovy Plugin is the pipeline-building plugin of this Java-based continuous integration tool.

CloudBees Pipeline: Groovy Plugin 2.61 and earlier contain a security vulnerability. An attacker can use a pipeline script to exploit this vulnerability, bypass the sandbox protection and execute arbitrary code in the Jenkins master JVM.

CVE-2019-1003002

Pipeline: Declarative Plugin is a directive generator plugin used with it.

The file pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy in CloudBees Pipeline: Declarative Plugin 1.3.3 and earlier contains a security vulnerability. An attacker can use a pipeline script to exploit this vulnerability, bypass the sandbox protection and execute arbitrary code in the Jenkins master JVM.


Remediation

Upgrade the Jenkins plugins to their fixed versions:

1. Update Declarative Plugin to version 1.3.4.1: https://plugins.jenkins.io/pipeline-model-definition

2. Update Groovy Plugin to version 2.61.1: https://plugins.jenkins.io/workflow-cps

3. Update Script Security Plugin to version 1.50: https://plugins.jenkins.io/script-security
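As an added check (example code written for this page, not code from the advisory or from the Jenkins project), the following Python compares an installed-plugin inventory against the three fixed versions listed above. The "name:version" inventory format and the sample entries are assumed and constructed; the plugin short names are taken from the plugins.jenkins.io URLs in the list above.

```python
from typing import Dict, List, Tuple

# Fixed versions from the advisory, keyed by the plugin's short name
# (the last path component of each plugins.jenkins.io URL above).
FIXED_VERSIONS: Dict[str, Tuple[str, str]] = {
    "script-security": ("CVE-2019-1003000", "1.50"),
    "workflow-cps": ("CVE-2019-1003001", "2.61.1"),
    "pipeline-model-definition": ("CVE-2019-1003002", "1.3.4.1"),
}

def parse_version(version: str) -> Tuple[int, ...]:
    """'1.3.4.1' -> (1, 3, 4, 1); non-numeric suffixes such as '-beta' are dropped.
    Tuple ordering gives (1, 3, 4) < (1, 3, 4, 1), so the four-component hotfix
    releases compare correctly against their three-component predecessors."""
    parts = []
    for piece in version.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)

def is_vulnerable(plugin: str, version: str) -> bool:
    """True if the plugin is covered by this advisory and below its fixed version."""
    entry = FIXED_VERSIONS.get(plugin)
    return entry is not None and parse_version(version) < parse_version(entry[1])

def audit(plugin_lines: List[str]) -> List[Tuple[str, str, str, str]]:
    """Return (plugin, installed, cve, fixed) for each vulnerable 'name:version' line."""
    findings = []
    for line in plugin_lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and comments in the inventory
        name, _, version = line.partition(":")
        name, version = name.strip(), version.strip()
        if is_vulnerable(name, version):
            cve, fixed = FIXED_VERSIONS[name]
            findings.append((name, version, cve, fixed))
    return findings

# Constructed sample inventory in an assumed 'name:version' format (not real Jenkins output).
SAMPLE_PLUGINS = [
    "script-security:1.49",
    "workflow-cps:2.61",
    "pipeline-model-definition:1.3.4",
    "git:3.9.1",
]

if __name__ == "__main__":
    for name, installed, cve, fixed in audit(SAMPLE_PLUGINS):
        print(f"{name} {installed}: {cve}, upgrade to {fixed}")
```

Plugins not named in this advisory (such as the sample "git" entry) are ignored rather than reported.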


References


https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266