Page MenuHomePhabricator

Jenkins plugins security update 2019-04-17
Closed, ResolvedPublic

Description

Jenkins is an open source automation server which enables developers around
the world to reliably build, test, and deploy their software. The following
releases contain fixes for security vulnerabilities:

  • Azure PublisherSettings Credentials Plugin 1.5
  • GitLab Plugin 1.5.12
  • jira-ext Plugin 0.9
  • ontrack Jenkins Plugin 3.4.1

Additionally, these plugin have security vulnerabilities that have been made
public, but have no releases containing a fix yet:

  • XebiaLabs XL Deploy Plugin

Summaries of the vulnerabilities are below. More details, severity, and
attribution can be found here:
https://jenkins.io/security/advisory/2019-04-17/

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptApr 17 2019, 4:02 PM