On Fri, Dec 26, 2025 at 3:34 PM Michael Nazzareno Trimarchi wrote: > Hi > > https://plugins.jenkins.io/android-signing/ > > The Missing permission check allows listing workspace contents > should be fixed by > > commit 33162c65c9f52ca5fa85609bdb652a5d1feda95b > Author: Sandeep <[email protected]> > Date: Fri Feb 10 01:39:13 2023 +0530 > > Fix SECURITY-2404 / CVE-2022-36915 > > Can we update the relative page? if this is ok > > > https://github.com/jenkinsci/android-signing-plugin/commit/33162c65c9f52ca5fa85609bdb652a5d1feda95b > > I believe that the process is to submit a pull request to the Update Center repository that proposes to show the issue is resolved. The security team will review the fix and review the proposed pull request and then merges the pull request when they agree that the issue is resolved.
https://github.com/jenkins-infra/update-center2/pull/896 is an example you can reference. Mark Waite > Michael > > -- > Michael Nazzareno Trimarchi > Co-Founder & Chief Executive Officer > M. +39 347 913 2170 > [email protected] > __________________________________ > > Amarula Solutions BV > Joop Geesinkweg 125, 1114 AB, Amsterdam, NL > T. +31 (0)85 111 9172 > [email protected] > www.amarulasolutions.com > > -- > You received this message because you are subscribed to the Google Groups > "Jenkins Developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/d/msgid/jenkinsci-dev/CAOf5uwkmp3%3D3cCTiVb22ZRUy531mztP9_6T4d8KistnJVUeGZA%40mail.gmail.com > . > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/jenkinsci-dev/CAO49JtHo80tg%2BcJDE_5rQtbwa7phZPEZjHO3FRGB5LPbcwOzAQ%40mail.gmail.com.
