Closed Bug 1381543 Opened 7 years ago Closed 7 years ago

Please upgrade Jenkins plugins on QAJenkinsPROD - to address 2017-07-10 sec vulnerabilities

Tracking

(Not tracked)

Status:

VERIFIED FIXED

People

(Reporter: rpapa, Unassigned)

Details

Richard Pappalardo [:rpapa][:rpappalardo]

Reporter

Description

•

7 years ago

REQUEST
please upgrade the Jenkins plugins listed below on the QAJenkinsPROD instance to address the following sec vulnerabilites: https://jenkins.io/security/advisory/2017-07-10/

NOTE:
:davehunt has upgraded plugins on QAJenkinsDEV and re-run test.
plugin vetting - PASSED


The following Jenkins plugin updates have been released to fix security vulnerabilities:

* Docker Commons Plugin 1.8
* Git Plugin 3.3.2 and 3.4.0-beta-2
* GitHub Branch Source Plugin 2.0.8 and 2.2.0-beta-2
* Parameterized Trigger Plugin 2.35
* Periodic Backup Plugin 1.5
* Pipeline: Build Step Plugin 2.5.1
* Pipeline: Groovy Plugin 2.36.1
* Poll SCM Plugin 1.4
* Role-based Authorization Strategy Plugin 2.5.1
* Script Security Plugin 1.29.1
* Sidebar Link Plugin 1.9
* SSH Plugin 2.5
* Subversion Plugin 2.9

Chris Kolosiwsky [:ckolos] (ckolos has left the building)

Comment 1

•

7 years ago

Periodic Backup Plugin and Sidebar Link Plugin are not installed in prod.

All others updated.

Status: NEW → RESOLVED

Closed: 7 years ago

Resolution: --- → FIXED

Dave Hunt [:davehunt] [he/him] ⌚BST

Updated

•

7 years ago

Status: RESOLVED → VERIFIED

Greg G

Updated

•

7 years ago

Group: cloud-services-security

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Please upgrade Jenkins plugins on QAJenkinsPROD - to address 2017-07-10 sec vulnerabilities

Categories

(Cloud Services :: FXTest-infra, enhancement)

Tracking

(Not tracked)

People

(Reporter: rpapa, Unassigned)

References

Details

Crash Data

Security

(public)

User Story

Description

Comment 1

Updated

Updated