Branch: refs/heads/master
Home: https://github.com/jenkinsci/git-client-plugin
Commit: a69b17e19e3a0bc1e4ddfc75cad7e577b540640f
https://github.com/jenkinsci/git-client-plugin/commit/a69b17e19e3a0bc1e4ddfc75cad7e577b540640f
Author: Mark Waite <mark.earl.wa...@gmail.com>
Date: 2022-09-26 (Mon, 26 Sep 2022)
Changed paths:
M pom.xml
Log Message:
-----------
Use gson 2.8.9 to satisfy security scanners
The gson package is not enabled for serialization in Jenkins, so the
vulnerability reported as https://nvd.nist.gov/vuln/detail/CVE-2022-25647
is unlikely to have any impact on the git client plugin. However, out
of an abundance of caution, it is better to upgrade the gson library
from 2.8.8 to 2.8.9.
https://github.com/google/gson/blob/master/CHANGELOG.md#version-289 is
the gson 2.8.9 changelog.
Commit: acecdae98a0a83bfb03e58cede783bca36a659ab
https://github.com/jenkinsci/git-client-plugin/commit/acecdae98a0a83bfb03e58cede783bca36a659ab
Author: Mark Waite <mark.earl.wa...@gmail.com>
Date: 2022-09-26 (Mon, 26 Sep 2022)
Changed paths:
M pom.xml
Log Message:
-----------
Merge pull request #910 from MarkEWaite/use-gson-2.8.9
[JENKINS-69706] Use gson 2.8.9 to satisfy security scanners
Compare:
https://github.com/jenkinsci/git-client-plugin/compare/6257f6a7101f...acecdae98a0a
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/git-client-plugin/push/refs/heads/master/6257f6-acecda%40github.com.
