Branch: refs/heads/master Home: https://github.com/jenkins-infra/update-center2 Commit: a3dcfe17cbbb94eea5a0fe9f6937ac423538dfe3 https://github.com/jenkins-infra/update-center2/commit/a3dcfe17cbbb94eea5a0fe9f6937ac423538dfe3 Author: Mark Waite <mark.earl.wa...@gmail.com> Date: 2023-09-19 (Tue, 19 Sep 2023)
Changed paths: M resources/warnings.json Log Message: ----------- SECURITY-1886 fixed in global build stats plugin (#731) * SECURITY-1886 fixed in global build stats plugin https://github.com/jenkinsci/global-build-stats-plugin/issues/38 fixed the https://www.jenkins.io/security/advisory/2022-03-15/#SECURITY-1886 stored cross-site scripting vulnerability. https://github.com/jenkinsci/global-build-stats-plugin/releases/tag/269.v214f74360b_3a_ is the release that includes that pull request. * 244.v27c8a_2e50a_34 is global build stats last affected version Extend the pattern match to include 244.v27c8a_2e50a_34 as the last global build status version affected by https://www.jenkins.io/security/advisory/2022-03-15/#SECURITY-1886 * Include more interim releases in regex Releases that have the security issue include: * 1.0 * 1.1 * 1.2 * 1.3 * 1.4 * 1.5 * 244.v27c8a_2e50a_34 * 269.v214f74360b_3a_ * 282.v79ca_e079d1b_1 * Group the version numbers Lack of grouping the version numbers negates the purpose of the (|[.-].+) suffix. -- You received this message because you are subscribed to the Google Groups "Jenkins Commits" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-commits+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-commits/jenkins-infra/update-center2/push/refs/heads/master/1ae935-a3dcfe%40github.com.