CloudBees Backup Plugin 3.38.70

1 minute read

On this page

Security advisory
Security fixes
New features
Feature enhancements
Resolved issues
Known issues
Upgrade notes

RELEASED: Public: October 18, 2023

Security advisory

https://www.cloudbees.com/security-advisories/cloudbees-security-advisory-2023-10-18

Security fixes

commons-httpclient library vulnerability (BEE-39003): The commons-httpclient library used in WebDav and Azure stores (transitively through com.sun.jersey:jersey.client) is vulnerable to man in the middle (MITM) attack.

The fix is to remove the commons-httpclient library and use the native Java HttpClient.

New features

None.

Feature enhancements

None.

Resolved issues

None.

Known issues

None.

Upgrade notes

None.