Please upgrade Jenkins plugins on QAJenkinsPROD - to address 2017-07-10 sec vulnerabilities

VERIFIED FIXED

Status

Cloud Services
FXTest-infra
VERIFIED FIXED
5 months ago
5 months ago

People

(Reporter: rpapa, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

REQUEST
please upgrade the Jenkins plugins listed below on the QAJenkinsPROD instance to address the following sec vulnerabilites: https://jenkins.io/security/advisory/2017-07-10/

NOTE:
:davehunt has upgraded plugins on QAJenkinsDEV and re-run test.
plugin vetting - PASSED


The following Jenkins plugin updates have been released to fix security vulnerabilities:

* Docker Commons Plugin 1.8
* Git Plugin 3.3.2 and 3.4.0-beta-2
* GitHub Branch Source Plugin 2.0.8 and 2.2.0-beta-2
* Parameterized Trigger Plugin 2.35
* Periodic Backup Plugin 1.5
* Pipeline: Build Step Plugin 2.5.1
* Pipeline: Groovy Plugin 2.36.1
* Poll SCM Plugin 1.4
* Role-based Authorization Strategy Plugin 2.5.1
* Script Security Plugin 1.29.1
* Sidebar Link Plugin 1.9
* SSH Plugin 2.5
* Subversion Plugin 2.9
Periodic Backup Plugin and Sidebar Link Plugin are not installed in prod.

All others updated.
Status: NEW → RESOLVED
Last Resolved: 5 months ago
Resolution: --- → FIXED

Updated

5 months ago
Status: RESOLVED → VERIFIED

Updated

5 months ago
Group: cloud-services-security
You need to log in before you can comment on or make changes to this bug.