Branch: refs/heads/CVE-2021-43577
Home: https://github.com/jenkinsci/dependency-check-plugin
Commit: da195fba36f4cb7f16e3536d4c24c1a18f4407fb
https://github.com/jenkinsci/dependency-check-plugin/commit/da195fba36f4cb7f16e3536d4c24c1a18f4407fb
Author: William Whittle <whitt...@users.noreply.github.com>
Date: 2021-11-18 (Thu, 18 Nov 2021)
Changed paths:
M .gitignore
M pom.xml
M
src/main/java/org/jenkinsci/plugins/DependencyCheck/model/ReportParser.java
A
src/test/java/org/jenkinsci/plugins/DependencyCheck/DependencyCheckWorkflowTest.java
A
src/test/java/org/jenkinsci/plugins/DependencyCheck/model/ReportParserTest.java
R
src/test/java/org/jenkinsci/plugins/dependencycheck/DependencyCheckWorkflowTest.java
A
src/test/resources/org/jenkinsci/plugins/DependencyCheck/model/dependency-check-report-external-entities.xml
A
src/test/resources/org/jenkinsci/plugins/DependencyCheck/parser/dependency-check-report.xml
A
src/test/resources/org/jenkinsci/plugins/DependencyCheck/parser/dependency-check-report1.xml
A
src/test/resources/org/jenkinsci/plugins/DependencyCheck/parser/dependency-check-report2.xml
R
src/test/resources/org/jenkinsci/plugins/dependencycheck/parser/dependency-check-report.xml
R
src/test/resources/org/jenkinsci/plugins/dependencycheck/parser/dependency-check-report1.xml
R
src/test/resources/org/jenkinsci/plugins/dependencycheck/parser/dependency-check-report2.xml
Log Message:
-----------
Address CVE-2021-43577
Follow guidance at
https://cheatsheetseries.owasp.org/cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.html
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/dependency-check-plugin/push/refs/heads/CVE-2021-43577/8fe0d8-da195f%40github.com.
