| Tip |
|---|
Did you know you can subscribe to updates to security issues and release notes? Right click and copy this link and paste it into Outlook RSS Feeds or your feed reader of choice. |
September 27,2024
FLEXDEPLOY-12743 - The version of Guava shipped with the Jenkins plugin is vulnerable to CVE-2023-2976. This is resolved in plugin version 8.0.0.7 and 9.0.0.0. The plugin now requires Java 8.
September 17, 2024
FLEXDEPLOY-12828 - Internal testing found that XXE injection was possible in the FlexDeploy application as well as the HPTest, Junit, Oats, ApexSec, ODB, Soapui, and TestNG plugins. The FlexDeploy application was patched for version 9.0.0.0. The plugins were patched in version 8.0.0.6 and 9.0.0.0.
...