The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* CollabNet Plugins Plugin 2.0.9
* Git Plugin 4.11.5
* Job Configuration History Plugin 1166.vc9f255f45b_8a
Additionally, we announce unresolved security issues in the following
plugins:
* Kubernetes Continuous
The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* Agent Server Parameter Plugin 1.1
* autonomiq Plugin 1.16
* Conjur Secrets Plugin 1.0.12
* Custom Checkbox Parameter Plugin 1.2
* Fortify Plugin 20.2.35
* Generic Webhook Trigger Plugin 1.82
* HashiCorp Vault
The following Jenkins updates contain fixes for security vulnerabilities:
* Jenkins 2.330
* Jenkins LTS 2.319.2
The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* Active Directory Plugin 2.25.1
* Badge Plugin 1.9.1
* Bitbucket Branch Source Plugin
The Jenkins infrastructure and security teams have published a blog post
that contains information about CVE-2021-44228 in the Apache Log4j 2
library:
https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/
The blog post will be updated if new information is discovered.
--
You
The following Jenkins updates contain fixes for security vulnerabilities:
* Jenkins 2.315
* Jenkins LTS 2.303.2
The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* Git Plugin 4.8.3
Please see the advisory for more information:
The following Jenkins updates contain fixes for security vulnerabilities:
* Jenkins 2.245
* Jenkins LTS 2.235.2
The following Jenkins plugin updates contain fixes for security
vulnerabilities:
* Deployer Framework Plugin 1.3
* Gitlab Authentication Plugin 1.6
* Matrix Authorization Strategy
The Jenkins project plans to publish new Jenkins releases (2.245, LTS
2.235.2) on Wednesday, July 15. These updates will contain fixes for
security issues present in current versions of Jenkins. The highest
severity is "High". The security advisory will be issued at the same time
to provide
The Jenkins project will publish a security advisory for Jenkins plugins on
Wednesday, January 15. The highest severity is 'High' and affects plugins
with between 5,000 and 10,000 reported installations. The most popular
included plugins have between 10,000 and 25,000 reported installations and