Hello dear developers, We just updated the agent templates on ci.jenkins.io (Linux VMs, Linux Containers and Windows VMs) to ensure that the 2 `git` CVEs https://github.com/git/git/security/advisories/GHSA-3wp6-j8xr-qw85 and https://github.com/git/git/security/advisories/GHSA-rjr6-wcq6-83p6 are fixed in our build environments (more details on https://github.blog/2022-10-18-git-security-vulnerabilities-announced/).
It also includes the changes listed in https://github.com/jenkins-infra/packer-images/releases/tag/0.45.0 . Most notable are: - Git to 2.38.1 (to fix CVEs) - JDK11 bumped to 11.0.16.1+1 - JDK17 bumped to 17.0.4.1+1 Please also note that Docker 20.10.20 (https://docs.docker.com/engine/release-notes/#201020) is also in the party, as well on all of our machines. For the Jenkins Infra, Damien Duportal -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-dev+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/7cd5079f-58c2-44a8-900e-62fd73ec6be6n%40googlegroups.com.
