RELEASED: 2023-05-03
Security fixes
- Upgrade Google OAuth Client 1.31.5 to Google OAuth Client 1.33.3 (BEE-23789)
-
Upgraded Google OAuth Client 1.31.5 to Google OAuth Client 1.33.3.
- Upgrade Gson 2.8.7 to Gson 2.8.9 (BEE-24280)
-
Upgraded Gson 2.8.7 to Gson 2.8.9.
- Upgrade Google OAuth Client 1.25.0 to Google OAuth Client 1.33.3 (BEE-25730)
-
Upgraded Google OAuth Client 1.25.0 to Google OAuth Client 1.33.3.
- Upgrade to Analysis Model API including BCEL 6.7.0 with the fix (BEE-27951)
-
Upgraded to Analysis Model API including BCEL 6.7.0 with the fix.
- Use of unsafe SnakeYaml constructor (BEE-29887)
-
Updated the library SnakeYaml to 2.0 due to a security defect in version 1.33.
- Low-privilege users can restore backup jobs (BEE-29577)
-
CloudBees Backup plugin allowed users with Job/Configure permissions to restore backups.
This issue is resolved.
- Low-privilege users can break backup jobs (BEE-29576)
-
CloudBees Backup plugin allowed users with Job/Configure permissions to break backup jobs created by other users.
This issue is resolved.