Jenkins plugins security advisory

2022-08-23 Thread 'Wadeck Follonier' via Jenkins Advisories
The following Jenkins plugin updates contain fixes for security vulnerabilities: * CollabNet Plugins Plugin 2.0.9 * Git Plugin 4.11.5 * Job Configuration History Plugin 1166.vc9f255f45b_8a Additionally, we announce unresolved security issues in the following plugins: * Kubernetes Continuous

Jenkins plugins security advisory

2022-02-15 Thread 'Wadeck Follonier' via Jenkins Advisories
The following Jenkins plugin updates contain fixes for security vulnerabilities: * Agent Server Parameter Plugin 1.1 * autonomiq Plugin 1.16 * Conjur Secrets Plugin 1.0.12 * Custom Checkbox Parameter Plugin 1.2 * Fortify Plugin 20.2.35 * Generic Webhook Trigger Plugin 1.82 * HashiCorp Vault

Jenkins security advisory

2022-01-12 Thread 'Wadeck Follonier' via Jenkins Advisories
The following Jenkins updates contain fixes for security vulnerabilities: * Jenkins 2.330 * Jenkins LTS 2.319.2 The following Jenkins plugin updates contain fixes for security vulnerabilities: * Active Directory Plugin 2.25.1 * Badge Plugin 1.9.1 * Bitbucket Branch Source Plugin

Jenkins and Apache Log4j 2 status

2021-12-10 Thread 'Wadeck Follonier' via Jenkins Advisories
The Jenkins infrastructure and security teams have published a blog post that contains information about CVE-2021-44228 in the Apache Log4j 2 library: https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ The blog post will be updated if new information is discovered. -- You

Jenkins security advisory

2021-10-06 Thread 'Wadeck Follonier' via Jenkins Advisories
The following Jenkins updates contain fixes for security vulnerabilities: * Jenkins 2.315 * Jenkins LTS 2.303.2 The following Jenkins plugin updates contain fixes for security vulnerabilities: * Git Plugin 4.8.3 Please see the advisory for more information:

Jenkins security advisory

2020-07-15 Thread Wadeck Follonier
The following Jenkins updates contain fixes for security vulnerabilities: * Jenkins 2.245 * Jenkins LTS 2.235.2 The following Jenkins plugin updates contain fixes for security vulnerabilities: * Deployer Framework Plugin 1.3 * Gitlab Authentication Plugin 1.6 * Matrix Authorization Strategy

Jenkins security advisory pre-announcement

2020-07-08 Thread Wadeck Follonier
The Jenkins project plans to publish new Jenkins releases (2.245, LTS 2.235.2) on Wednesday, July 15. These updates will contain fixes for security issues present in current versions of Jenkins. The highest severity is "High". The security advisory will be issued at the same time to provide

Jenkins plugins security advisory pre-announcement

2020-01-13 Thread Wadeck Follonier
The Jenkins project will publish a security advisory for Jenkins plugins on Wednesday, January 15. The highest severity is 'High' and affects plugins with between 5,000 and 10,000 reported installations. The most popular included plugins have between 10,000 and 25,000 reported installations and