SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for jenkins-lts-2.375.1-1.d_t_b.8.noarch.rpm :

* Mon Jan 02 2023 Luciano Santos - Update to 2.375.1 (2022-11-30) See https://www.jenkins.io/changelog-stable/#v2.375.1- Update Url tag from https://jenkins-ci.org to the new Jenkins home page: https://www.jenkins.io/.
* Wed Nov 16 2022 chrisAATTcomputersalat.de- Update to 2.361.4 (2022-11-13) See https://www.jenkins.io/changelog-stable/#v2.361.4
* Thu Nov 03 2022 chrisAATTcomputersalat.de- Update to 2.361.3 (2022-11-02) See https://www.jenkins.io/changelog-stable/#v2.361.3
* Thu Oct 06 2022 chrisAATTcomputersalat.de- Update to 2.361.2 (2022-10-05) See https://www.jenkins.io/changelog-stable/#v2.361.2
* Mon Sep 12 2022 chrisAATTcomputersalat.de- fix deps for SLES12
* SLE decided to stop providing - java = 11 - java-11 with java-11-openjdk >= 11.0.12.0
* Thu Sep 08 2022 chrisAATTcomputersalat.de- Update to 2.361.1 (2022-09-07) See https://www.jenkins.io/changelog-stable/#v2.361.1- Update java deps
* both, controller and agents, need to run with java >= 11
* Tue Aug 23 2022 chrisAATTcomputersalat.de- Update to 2.346.3 (2022-08-10) See https://www.jenkins.io/changelog-stable/#v2.346.3
* fix for CVE-2022-22970, CVE-2022-22971 https://github.com/jenkinsci/jenkins/pull/6565
* Tue Jul 19 2022 chrisAATTcomputersalat.de- Update to 2.346.2 (2022-07-13) See https://www.jenkins.io/changelog-stable/#v2.346.2
* Mon Jun 27 2022 chrisAATTcomputersalat.de- update to 2.346.1 (2022-06-22) See https://www.jenkins.io/changelog-stable/#v2.346.1
* fix for JSA-2022-06-22 https://www.jenkins.io/security/advisory/2022-06-22/ Severity: https://www.jenkins.io/security/advisory/2022-06-22/#severity - Multiple XSS vulnerabilities SECURITY-2779 / CVE-2022-34170 SECURITY-2761 / CVE-2022-34171 SECURITY-2776 / CVE-2022-34172 SECURITY-2780 / CVE-2022-34173 - Observable timing discrepancy allows determining username validity SECURITY-2566 / CVE-2022-34174 - Unauthorized view fragment access SECURITY-2777 / CVE-2022-34175 - Stored XSS vulnerability in JUnit Plugin SECURITY-2760 / CVE-2022-34176 - Arbitrary file write vulnerability in Pipeline: Input Step Plugin SECURITY-2705 / CVE-2022-34177 - Reflected XSS vulnerability in Embeddable Build Status Plugin SECURITY-2567 / CVE-2022-34178 - Path traversal vulnerability in Embeddable Build Status Plugin SECURITY-2792 / CVE-2022-34179 - Improper authorization in Embeddable Build Status Plugin bypasses ViewStatus permission requirement SECURITY-2794 / CVE-2022-34180 - Agent-to-controller security bypass in xUnit Plugin SECURITY-2549 / CVE-2022-34181 - Reflected XSS vulnerability in Nested View Plugin SECURITY-2768 / CVE-2022-34182 - Stored XSS vulnerabilities in multiple plugins providing additional parameter types
* Agent Server Parameter 1.1 and earlier (SECURITY-2731 / CVE-2022-34183)
* CRX Content Package Deployer 1.9 and earlier (SECURITY-2727 / CVE-2022-34184)
* Date Parameter Plugin 0.0.4 and earlier (SECURITY-2711 / CVE-2022-34185)
* Dynamic Extended Choice Parameter 1.0.1 and earlier (SECURITY-2712 / CVE-2022-34186)
* Filesystem List Parameter 0.0.7 and earlier (SECURITY-2716 / CVE-2022-34187)
* Hidden Parameter Plugin 0.0.4 and earlier (SECURITY-2755 / CVE-2022-34188)
* Image Tag Parameter 1.10 and earlier (SECURITY-2721 / CVE-2022-34189)
* Maven Metadata for CI server 2.1 and earlier (SECURITY-2714 / CVE-2022-34190)
* NS-ND Integration Performance Publisher 4.8.0.77 and earlier (SECURITY-2736 / CVE-2022-34191)
* ontrack Jenkins 4.0.0 and earlier (SECURITY-2733 / CVE-2022-34192)
* Package Version 1.0.1 and earlier (SECURITY-2735 / CVE-2022-34193)
* Readonly Parameter 1.0.0 and earlier (SECURITY-2719 / CVE-2022-34194)
* Repository Connector 2.2.0 and earlier (SECURITY-2666 / CVE-2022-34195)
* REST List Parameter Plugin 1.5.2 and earlier (SECURITY-2730 / CVE-2022-34196)
* Sauce OnDemand 1.204 and earlier (SECURITY-2724 / CVE-2022-34197)
* Stash Branch Parameter 0.3.0 and earlier (SECURITY-2725 / CVE-2022-34198) - Passwords stored in plain text by Convertigo Mobile Platform Plugin SECURITY-2064 / CVE-2022-34199 - CSRF vulnerability and missing permission checks in Convertigo Mobile Platform Plugin SECURITY-2276 / CVE-2022-34200 (CSRF), CVE-2022-34201 (missing permission check) - User passwords stored in plain text by EasyQA Plugin SECURITY-2066 / CVE-2022-34202 - CSRF vulnerability and missing permission checks in EasyQA Plugin SECURITY-2281 / CVE-2022-34203 (CSRF) CVE-2022-34204 (missing permission check) - CSRF vulnerability and missing permission checks in Jianliao Notification Plugin SECURITY-2240 / CVE-2022-34205 (CSRF) CVE-2022-34206 (missing permission check) - CSRF vulnerability and missing permission checks in Beaker builder Plugin SECURITY-2248 / CVE-2022-34207 (CSRF) CVE-2022-34208 (missing permission check) - CSRF vulnerability and missing permission check in ThreadFix Plugin SECURITY-2249 / CVE-2022-34209 (CSRF) CVE-2022-34210 (missing permission check) - CSRF vulnerability and missing permission check in vRealize Orchestrator Plugin SECURITY-2279 / CVE-2022-34211 (CSRF) CVE-2022-34212 (missing permission check) - Passwords stored in plain text by Squash TM Publisher (Squash4Jenkins) Plugin SECURITY-2089 / CVE-2022-34213
* Tue May 17 2022 chrisAATTcomputersalat.de- Update to 2.332.3 (2022-05-04) See https://www.jenkins.io/changelog-stable/#v2.332.3- Update to 2.332.2 (2022-04-06) See https://www.jenkins.io/changelog-stable/#v2.332.2- Update to 2.332.1 (2022-03-09) See https://www.jenkins.io/changelog-stable/#v2.332.1
* Fri May 06 2022 Callum Farmer - Move %sysusers_generate_pre to %build
* Fri Apr 01 2022 Callum Farmer - Add CONFIG parameter to %sysusers_generate_pre- Re-format sysusers file
* Fri Feb 18 2022 - fix changes file
* add missing CVE
* Thu Feb 10 2022 Johannes Kastl - Update to 2.319.3 See https://www.jenkins.io/changelog-stable/#v2.319.3
* fix for JSA-2022-02-09 https://www.jenkins.io/security/advisory/2022-02-09/ Severity: https://www.jenkins.io/security/advisory/2022-02-09/#severity - DoS vulnerability in bundled XStream library SECURITY-2602 / CVE-2021-43859 (upstream issue) CVE-2022-0538 (Jenkins-specific converters)
* Sat Jan 22 2022 chrisAATTcomputersalat.de- Update to 2.319.2 See https://www.jenkins.io/changelog-stable/#v2.319.2
* fix for JSA-2022-01-12 https://www.jenkins.io/security/advisory/2022-01-12/ Severity: https://www.jenkins.io/security/advisory/2022-01-12/#severity - CSRF vulnerability in build triggers SECURITY-2558 / CVE-2022-20612 - CSRF vulnerability and missing permission checks in Mailer Plugin SECURITY-2163 / CVE-2022-20613 (CSRF) CVE-2022-20614 (missing permission check) - Stored XSS vulnerability in Matrix Project Plugin SECURITY-2017 / CVE-2022-20615 - Missing permission check in Credentials Binding Plugin allows validating secret file credentials IDs SECURITY-2342 / CVE-2022-20616 - OS command execution vulnerability in Docker Commons Plugin SECURITY-1878 / CVE-2022-20617 - Missing permission checks in Bitbucket Branch Source Plugin allow enumerating credentials IDs SECURITY-2033 / CVE-2022-20618 - CSRF vulnerability in Bitbucket Branch Source Plugin allows capturing credentials SECURITY-2467 / CVE-2022-20619 - Missing permission checks in SSH Agent Plugin allow enumerating credentials IDs SECURITY-2189 / CVE-2022-20620 - Access key stored in plain text by Metrics Plugin SECURITY-1624 / CVE-2022-2062 - User passwords transmitted in plain text by Active Directory Plugin SECURITY-1389 / CVE-2022-23105 - Non-constant time token comparison in Configuration as Code Plugin SECURITY-2141 / CVE-2022-23106 - Path traversal vulnerability in Warnings Next Generation Plugin SECURITY-2090 / CVE-2022-23107 - Stored XSS vulnerability in Badge Plugin SECURITY-2547 / CVE-2022-23108 - Improper credentials masking in HashiCorp Vault Plugin SECURITY-2213 / CVE-2022-23109 - Stored XSS vulnerability in Publish Over SSH Plugin SECURITY-2287 / CVE-2022-23110 - CSRF vulnerability and missing permission checks in Publish Over SSH Plugin SECURITY-2290 / CVE-2022-23111 (CSRF) CVE-2022-23112 (missing permission check) - Path traversal vulnerability in Publish Over SSH Plugin SECURITY-2307 / CVE-2022-23113 - Password stored in plain text by Publish Over SSH Plugin SECURITY-2291 / CVE-2022-23114 - CSRF vulnerability in batch task Plugin SECURITY-1025 / CVE-2022-23115 - Agent-to-controller security bypass in Conjur Secrets Plugin allows decrypting secret SECURITY-2522 (1) / CVE-2022-23116 - Agent-to-controller security bypass in Conjur Secrets Plugin allows retrieving all credentials SECURITY-2522 (2) / CVE-2022-23117 - Agent-to-controller security bypass in Debian Package Builder Plugin SECURITY-2546 / CVE-2022-23118
* Wed Dec 08 2021 Johannes Kastl - Update to 2.319.1 + See https://www.jenkins.io/changelog-stable/#v2.319.1
* Sat Nov 06 2021 Johannes Kastl - Update to 2.303.3 + See https://www.jenkins.io/changelog-stable/#v2.303.3
* Wed Oct 27 2021 Johannes Kastl - unify with jenkins package: Avoid jenkins restart from logrotate (SR#924341) based on https://github.com/jenkinsci/packaging/blob/master/rpm/build/SOURCES/jenkins.logrotate
* Wed Oct 27 2021 Johannes Kastl - Update to 2.303.2 + See https://www.jenkins.io/changelog-stable/#v2.303.2
* Thu Sep 23 2021 Johannes Kastl - Update to 2.303.1 + See https://www.jenkins.io/changelog-stable/#v2.303.1
* Tue Aug 03 2021 Johannes Kastl - Update to 2.289.3 + See https://www.jenkins.io/changelog-stable/#v2.289.3
* Thu Jul 01 2021 Johannes Kastl - Update to 2.289.2 + See https://www.jenkins.io/changelog-stable/#v2.289.2
* Thu Jun 10 2021 Johannes Kastl - initial first version of package jenkins-lts that follows the LTS release schedule
* Sat Apr 24 2021 Callum Farmer - Fix fillupdir on old SUSE distributions- Update to 2.289 + See https://jenkins.io/changelog/#v2.289 for details
* Wed Mar 31 2021 Callum Farmer - Migrate to using systemd and systemd-sysusers- Remove SysV init- Use libexecdir for executables- Remove outdated java arguments
* Tue Mar 30 2021 Bernhard Wiedemann - Update to 2.286 + See https://jenkins.io/changelog/#v2.286 for details
* Wed Mar 03 2021 Johannes Kastl - add dependency on dejavu-fonts to solve the java.awt.headless problem https://wiki.jenkins.io/display/JENKINS/Jenkins+got+java.awt.headless+problem
* Fri Feb 26 2021 J. Daniel Schmidt - Update to 2.281 + See https://jenkins.io/changelog/#v2.281 for details
* Fri Feb 19 2021 J. Daniel Schmidt - Update to 2.280 + See https://jenkins.io/changelog/#v2.280 for details
* Tue Jan 19 2021 J. Daniel Schmidt - Update to 2.275 + See https://jenkins.io/changelog/#v2.275 for details
* Wed Jan 06 2021 Rahul Emmatty - Update to 2.274 + See https://jenkins.io/changelog/#v2.274 for details
* Mon Jan 04 2021 Rahul Emmatty - Update to 2.273 + See https://jenkins.io/changelog/#v2.273 for details
* Tue Dec 15 2020 Rahul Emmatty - Update to 2.271 + See https://jenkins.io/changelog/#v2.271 for details
* Wed Dec 02 2020 Rahul Emmatty - Update to 2.270 + See https://jenkins.io/changelog/#v2.270 for details- Adding _service file to download the binary directly to OBS from jenkins.io
* Wed Nov 25 2020 Rahul Emmatty - Update to 2.268 + See https://jenkins.io/changelog/#v2.268 for details
* Tue Nov 17 2020 Rahul Emmatty - Update to 2.267 + See https://jenkins.io/changelog/#v2.267 for details
* Thu Nov 12 2020 Rahul Emmatty - Update to 2.266 + See https://jenkins.io/changelog/#v2.266 for details
* Thu Nov 05 2020 J. Daniel Schmidt - Update to 2.265 + See https://jenkins.io/changelog/#v2.265 for details
* Mon Nov 02 2020 Rahul Emmatty - Update to 2.264 + See https://jenkins.io/changelog/#v2.264 for details
* Wed Aug 12 2020 Bernhard Wiedemann - Update to 2.252 + See https://jenkins.io/changelog/#v2.252 for details + important security fixes
* Thu Jul 23 2020 J. Daniel Schmidt - Update to 2.248 + See https://jenkins.io/changelog/#v2.248 for details
* Tue Jul 21 2020 J. Daniel Schmidt - Update to 2.245 + See https://jenkins.io/changelog/#v2.245 for details
* Fri Jul 03 2020 J. Daniel Schmidt - Update to 2.243 + See https://jenkins.io/changelog/#v2.243 for details
* Sat Jun 20 2020 Callum Farmer - Update to 2.241 + See https://jenkins.io/changelog/#v2.241 for details- Delete unused file jenkins.war.sha256- Updated gpg keyring
* Wed Apr 08 2020 J. Daniel Schmidt - Update to 2.230 + See https://jenkins.io/changelog/#v2.230 for details
* Thu Mar 26 2020 J. Daniel Schmidt - Update to 2.228 + See https://jenkins.io/changelog/#v2.228 for details
* Tue Mar 24 2020 J. Daniel Schmidt - Update to 2.227 + See https://jenkins.io/changelog/#v2.227 for details
* Tue Mar 10 2020 J. Daniel Schmidt - Update to 2.225 + See https://jenkins.io/changelog/#v2.225 for details
* Mon Mar 09 2020 J. Daniel Schmidt - Update to 2.224 + See https://jenkins.io/changelog/#v2.224 for details
* Mon Mar 02 2020 J. Daniel Schmidt - Update to 2.223 + See https://jenkins.io/changelog/#v2.223 for details
* Tue Feb 25 2020 chrisAATTcomputersalat.de- Update to 2.222
* See https://jenkins.io/changelog/#v2.222 for details
* Wed Jan 22 2020 J. Daniel Schmidt - Update to 2.215 + See https://jenkins.io/changelog/#v2.215 for details
* Fri Jan 17 2020 J. Daniel Schmidt - Update to 2.214 + See https://jenkins.io/changelog/#v2.214 for details
* Tue Jan 07 2020 J. Daniel Schmidt - Update to 2.213 + See https://jenkins.io/changelog/#v2.213 for details
  
ICM