Security advisory
Security advisory
-
CloudBees Security Advisory 2020-12-03
This advisory announces vulnerabilities in Jenkins, CloudBees Jenkins Distribution, CloudBees Jenkins Platform and CloudBees CI.
Plugin modifications
-
Jenkins LTS
Upgraded Jenkins LTS from
2.190.31-cb-5
to2.190.33-cb-1
-
Upgraded Active Directory Plugin from
2.16
to2.16.1
-
Upgraded CloudBees High Availability Management from
4.20
to4.20.1
-
Upgraded Jenkins Health Advisor by CloudBees Plugin from
3.0.1
to3.0.2
-
Upgraded CloudBees License Manager from
9.35
to9.35.2
-
Upgraded CloudBees Update Center Plugin from
4.46
to4.46.2
-
Upgraded Email-ext Plugin from
2.68
to2.68.2
-
Upgraded External Notification Plugin from
1.2.1
to1.2.2
-
Upgraded CloudBees Backup Plugin from
3.38.14
to3.38.14.3
-
Upgraded Mailer Plugin from
1.29
to1.29.1
-
Upgraded CloudBees Role-Based Access Control Plugin from
5.28.2
to5.28.6
-
Upgraded Operations Center Context Plugin from
2.190.31.1
to2.190.31.2
-
Upgraded Operations Center RBAC Plugin from
2.190.0.1
to2.190.0.4
-
Upgraded Operations Center Server Plugin from
2.190.0.6
to2.190.30.1
-
Upgraded Script Security Plugin from
1.66.4
to1.66.5
-
Upgraded CloudBees Skip Next Build Plugin from
4.2
to4.2.1
Compatible plugins
-
Jenkins Apache HttpComponents Client 4.x API Plugin
4.5.10-2.0 compatible installed by default
-
Oracle Java SE Development Kit Installer Plugin
1.3 compatible installed by default
-
2.37 compatible installed by default
-
1.11.594 compatible optional
-
3.4 compatible optional
-
1.1.10 compatible optional
-
2.20 compatible installed by default
-
Jenkins JSch dependency plugin
0.1.55.1 compatible optional
-
Matrix Authorization Strategy Plugin
2.5.1 compatible optional
-
CloudBees AWS Credentials Plugin
1.27 compatible optional
-
1.5.0 compatible installed by default
-
Stack Trace Suppression Plugin
1.5 compatible optional
-
2.17 compatible installed by default
-
1.3 compatible installed by default
-
1.17 compatible optional
-
2.68.2 compatible optional
-
1.0.5 compatible optional
-
Jenkins Health Advisor by CloudBees
3.0.2 compatible optional
-
1.4.1 compatible optional
-
2.3.0.1 compatible installed by default
-
1.14.1 compatible optional
-
Jenkins Active Directory plugin
2.16.1 compatible optional
-
1.30 compatible optional
-
1.46.4 compatible optional
-
2.2.0 compatible optional
-
2.62.1 compatible installed by default
Proprietary plugins
-
Operations Center Notification
1.0 proprietary optional
-
9.35.2 proprietary installed by default
-
1.2 proprietary optional
-
Operations Center Monitoring Plugin
2.190.0.1 proprietary optional
-
2.8 proprietary installed by default
-
Operations Center JNLP Agent Controller Plugin
2.190.0.1 proprietary optional
-
Operations Center Server Role Based Access Control
2.190.0.4 proprietary optional
-
2.190.31.2 proprietary installed by default
-
User Activity Monitoring Plugin
1.1.5 proprietary optional
-
Operations Center Server Cluster Operations
2.190.0.3 proprietary optional
-
CloudBees Restart Aborted Builds Plugin
1.12 proprietary optional
-
Operations Center Update Center Plugin
2.190.0.1 proprietary optional
-
Operations Center Single Sign-On Plugin
2.190.31.1 proprietary optional
-
Operations Center Analytics Viewer
2.107.1.5 proprietary optional
-
Operations Center Embedded elasticsearch
2.73.0.1 proprietary optional
-
CloudBees Skip Next Build Plugin
4.2.1 proprietary optional
-
CloudBees Administrative Monitors Plugin
1.0.1 proprietary installed by default
-
Operations Center Analytics Reporter
2.107.1.5 proprietary optional
-
CloudBees Jenkins Enterprise License Entitlement Check
8.24 proprietary installed by default
-
Beekeeper Upgrade Assistant Plugin
2.138.0.10 proprietary installed by default
-
CloudBees VMWare Autoscaling Plugin
4.3.9 proprietary optional
-
Operations Center Analytics Feeder
2.107.1.5 proprietary optional
-
3.10 proprietary installed by default
-
1.5 proprietary optional
-
CloudBees SSH Build Agents Plugin
2.3 proprietary optional
-
2.107.1.5 proprietary optional
-
CloudBees High Availability Management plugin
4.20.1 proprietary installed by default
-
2.190.0.2 proprietary installed by default
-
1.18 proprietary optional
-
1.10 proprietary optional
-
CloudBees Role-Based Access Control Plugin
5.28.6 proprietary optional
-
1.3 proprietary installed by default
-
CloudBees Update Center Data API
4.42 proprietary installed by default
-
Operations Center Elasticsearch Provider
2.190.0.2 proprietary optional
-
CloudBees Update Center Plugin
4.46.2 proprietary optional
-
Operations Center Analytics Kibana Dashboards
2.107.1.5 proprietary optional
-
CloudBees WikiText Security Plugin
3.12 proprietary optional
-
Operations Center Server License Entitlement Check
2.190.0.1 proprietary installed by default
-
Operations Center Server Plugin
2.190.30.1 proprietary installed by default
-
3.22 proprietary installed by default
-
1.2.2 proprietary optional
-
Operations Center Server EC2 Cloud
2.190.0.1 proprietary optional
-
Operations Center Analytics Configuration
2.107.1.5 proprietary optional
-
3.38.14.3 proprietary optional
Verified plugins
-
1.7.24.2 verified installed by default
-
6.9 verified installed by default
-
2.3.1 verified installed by default
-
1.20 verified optional
-
1.0.9.0 verified installed by default
-
1.18 verified optional
-
Secure Requester Whitelist Plugin
1.4 verified optional
-
1.28 verified installed by default
-
1.29.1 verified installed by default
-
1.20.1 verified optional
-
1.5 verified optional
-
1.66.5 verified installed by default
-
4.0.2.6 verified installed by default
-
1.31.0 verified optional
-
1.20 verified installed by default
-
1.3 verified installed by default
-
2.6.3 verified installed by default
-
2.8 verified installed by default
-
2.11.0 verified installed by default
-
1.6 verified optional
-
3.6.2 verified optional
-
1.5 verified optional
-
1.1.3 verified optional
-
Authentication Tokens API Plugin
1.3 verified optional
-
2.3.0 verified installed by default