The SSH Slaves Plugin did not perform host key verification, thereby enabling Man-in-the-Middle attacks. External Reference: https://jenkins.io/security/advisory/2017-03-20/
Acknowledgments: Name: the Jenkins project Upstream: Tim Otten (CiviCRM LLC)
Created jenkins-ssh-slaves-plugin tracking bugs for this issue: Affects: fedora-all [bug 1434342]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.