Hello dear developers, We just updated the agent templates on ci.jenkins.io (Linux VMs, Linux Containers and Windows VMs) to ensure that the 2 `git` CVEs https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85 and https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6 are fixed in our build environments (more details on https://github.blog/2022-10-18-git-security-vulnerabilities-announced/).
It also includes the changes listed in https://github.com/jenkins-infra/packer-images/releases/tag/0.45.0 . Most notable are: - Git to 2.38.1 (to fix CVEs) - JDK11 bumped to 11.0.16.1+1 - JDK17 bumped to 17.0.4.1+1 Please also note that Docker 20.10.20 (https://docs.docker.com/engine/release-notes/#201020) is also in the party, as well on all of our machines. For the Jenkins Infra, Damien Duportal -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/7cd5079f-58c2-44a8-900e-62fd73ec6be6n%40googlegroups.com.
