The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* CollabNet Plugins Plugin 2.0.9
* Git Plugin 4.11.5
* Job Configuration History Plugin 1166.vc9f255f45b_8a
Additionally, we announce unresolved security issues in the following
plugins:
* Kubernetes Continuous
The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* Agent Server Parameter Plugin 1.1
* autonomiq Plugin 1.16
* Conjur Secrets Plugin 1.0.12
* Custom Checkbox Parameter Plugin 1.2
* Fortify Plugin 20.2.35
* Generic Webhook Trigger Plugin 1.82
* HashiCorp Vault
The following Jenkins updates contain fixes for security vulnerabilities:
* Jenkins 2.330
* Jenkins LTS 2.319.2
The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* Active Directory Plugin 2.25.1
* Badge Plugin 1.9.1
* Bitbucket Branch Source Plugin
The Jenkins infrastructure and security teams have published a blog post
that contains information about CVE-2021-44228 in the Apache Log4j 2
library:
https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/
The blog post will be updated if new information is discovered.
--
You
The following Jenkins updates contain fixes for security vulnerabilities:
* Jenkins 2.315
* Jenkins LTS 2.303.2
The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* Git Plugin 4.8.3
Please see the advisory for more information: