We've identified and fixed a critical security vulnerabilities in
Jenkins core. This affects all the releases of Jenkins to date (main line releases up to 1.452 and LTS up to 1.424.3.) Please upgrade to the new releases at your earliest convenience, especially if your Jenkins is internet facing.
For more details about the vulnerabilities, affected versions, and so on, please consult the security advisory.
(See our Wiki page about security advisories about how we do these.)