fe to remove jQuery 1
> as well...
>
> Am 02.05.2024 um 23:39 schrieb s.p...@gmail.com :
>
> Our scan reports are showing an out-of-date version of jQuery. Upon some
> investigation, I figured out there are two jQuery plugins installed. 1)
> jQuery 1.12.4-1 2) jQuery 3.7.1-2 .
Our scan reports are showing an out-of-date version of jQuery. Upon some
investigation, I figured out there are two jQuery plugins installed. 1)
jQuery 1.12.4-1 2) jQuery 3.7.1-2 . I'm not able to delete the older
jQuery plugin either from the UI or from the server. How do I remove the
older
Please help.
On Wednesday, March 13, 2024 at 3:27:25 PM UTC-4 s.p...@gmail.com wrote:
> Our web scans are showing Version disclosure for Jquery/YUI/Prototyejs .
> Jenkins is running on windows server . Version is 2.426.3 The remedy our
> security team suggesting is : Configure your w
Our web scans are showing Version disclosure for Jquery/YUI/Prototyejs .
Jenkins is running on windows server . Version is 2.426.3 The remedy our
security team suggesting is : Configure your web server to prevent
information leakage.I'm not sure how to configure the web server.Any
Our web scans are showing Dockerfile detected vulnerability . Jenkins
version 2..414.2 . Jenkins is running on windows server. What is the
remediation for this ? Any help is appreciated. TIA
--
You received this message because you are subscribed to the Google Groups
"Jenkins Users" group.
To
Hi,
Jenkins is installed on windows server. Our web scans show three low
findings .
1) cookie not marked as HttpOnly
2) [Possible] Cross-site Request Forgery
3) Missing X-frame-options header.
Installed Missing X-frame plugin and the set the option as SAMEORIGIN but
the scans still shows as
There is a STored XSS vulnerability for the JDK Parameter plugin.We use
this plugin to specify the JDK version for our Builds compilation. Is there
any plans to upgrade the plugin or can I use the any other plugin ? TIA
--
You received this message because you are subscribed to the Google
that transition.
>
> On Wednesday, November 3, 2021 at 8:24:47 AM UTC-6 s.p...@gmail.com wrote:
>
>> After I upgraded Jenkins to 2.303.2, I'm seeing an alert as below. J. I
>> think Java 11 is OpenJDK and we are using java 1.8.0_301. Is Java 1.8 no
>> longer supporte
After I upgraded Jenkins to 2.303.2, I'm seeing an alert as below. J. I
think Java 11 is OpenJDK and we are using java 1.8.0_301. Is Java 1.8 no
longer supported ? Any inputs are really appreciated. TIA
"Java11 is the recommended version to run Jenkins on; please consider
upgrading."
--
I'm not able to start Jenkins as windows service or from the command line.
I'm receiving the following error.
Unhandled Exception: System.BadImageFormatException: Could not load file or
asse
mbly 'jenkins.exe' or one of its dependencies. This assembly is built by a
runti
me newer than the
SHA256,
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 \
EC keySize < 224, anon, NULL, \
On Wednesday, June 2, 2021 at 10:49:07 AM UTC-4 s.p...@gmail.com wrote:
> In our web scans, we are seeing weak ciphers-enabled v
-4 s.p...@gmail.com wrote:
> Thank you.I will try.
>
> On Tuesday, June 8, 2021 at 7:56:55 AM UTC-4 jn...@cloudbees.com wrote:
>
>> you can just switch the war.
>> Make sure you do not go to a lower version though. in other words if you
>> are on 2.275 you could
o
> wait for the next LTS to be released above that (which will be about 3
> months time).
>
>
> On Monday, May 31, 2021 at 6:34:52 PM UTC+1 s.p...@gmail.com wrote:
>
>> Thank you Björn . I will look into this. Are there any steps I need to
>> consider before migrating from
In our web scans, we are seeing weak ciphers-enabled vulnerability.
*example:* Netsparker Enterprise detected that weak ciphers are enabled
during
secure communication (SSL).
You should allow only strong ciphers on your webserver to protect
secure communication with your visitors.
List of
In our web scans, we are seeing weak ciphers-enabled vulnerability. Any
help is really appreciated. TIA
example: Netsparker Enterprise detected that weak ciphers are enabled during
secure communication (SSL).
You should allow only strong ciphers on your webserver to protect
secure communication
removed from the library before it was included in
> Jenkins.
> But the out-of-date status is still valid unfortunately.
>
> Best regards,
>
> Wadeck
> On Monday, May 31, 2021 at 2:33:00 AM UTC+2 s.p...@gmail.com wrote:
>
>> Thank you, Oleg. Thank you for sharing the
dersen schrieb am Montag, 31. Mai 2021 um 08:47:46 UTC+2:
>
>> Hi,
>>
>> it seems you did not upgrade all plugins as well. These effects are
>> caused by the tables-to-div migrations.
>>
>> See https://www.jenkins.io/doc/developer/views/table-to-div-migrat
After I upgraded Jenkins from 2.250 to 2.275, I noticed that the UI for the
Jobs configuration looks different. The section for Source Code
Management/Build Triggers/Build Environment/build/Post-build actions are
missing at the top of the job configuration page and I see a couple of
ust for your information, we have an official process for
> reporting security vulnerabilities. I highly recommend following this
> process. Please see
> https://www.jenkins.io/security/#reporting-vulnerabilities
>
> Best regards,
> Oleg Nenashev
>
>
>
> On Su
Our web scans shows out-of-date version(YUI) vulnerability. I'm not able to
find anything on how to remediate this finding. Any help is appreciated. TIA
Example : /static/01babc68/scripts/yui/yahoo/yahoo-min.js
Affected versions of the package are vulnerable to Cross-site
Scripting(XSS) via
20 matches
Mail list logo