On 17.03.2016, at 18:21, Ashish Yadav <ashish.ya...@firemon.com> wrote:
> I too am running jenkins v1.609.3. > > However, I am concerned about upgrading to v1.642.2 due to the following > which was ‘introduced’ in v1.625.3. > https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09 > > How can I tell if this will impact me? How can I tell if this will be an > issue if I upgrade to v1.625.3? > > I am using the following plugins: > • Maven Integration Plugin v2.7.1 > • Javadoc Plugin v1.1 > • HTML Publisher Plugin v1.3 This concern doesn't really make sense to me. You're running a version that is known vulnerable to a specific issue that may or may not be relevant to you (as documented on the wiki). If you upgrade, some of these reports may no longer display correctly in a web browser, but the worst case is, you decide it's preferable to restore the functionality at the cost of being vulnerable again. So other than having to fiddle with the option documented on the wiki for a bit, I'm not seeing how this blocks upgrading. -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/F2BE34F7-8B34-427B-801A-CE14B1AC6F60%40beckweb.net. For more options, visit https://groups.google.com/d/optout.
