No official advisory published yet but => 1.626 deemed affected http://seclists.org/bugtraq/2015/Aug/161
devel/jenkins has been updated.