Page MenuHomePhabricator

Jenkins plugins security update 2019-04-17
Closed, ResolvedPublic


Jenkins is an open source automation server which enables developers around
the world to reliably build, test, and deploy their software. The following
releases contain fixes for security vulnerabilities:

  • Azure PublisherSettings Credentials Plugin 1.5
  • GitLab Plugin 1.5.12
  • jira-ext Plugin 0.9
  • ontrack Jenkins Plugin 3.4.1

Additionally, these plugin have security vulnerabilities that have been made
public, but have no releases containing a fix yet:

  • XebiaLabs XL Deploy Plugin

Summaries of the vulnerabilities are below. More details, severity, and
attribution can be found here:

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 17 2019, 4:02 PM