Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43497

Remove dependency on obsolete "Build flow" plugin which has a security vulnerability

XMLWordPrintable

      Build Flow Plugin (0.20) is now deprecated, and has a "Arbitrary code execution vulnerability". So Jenkins complains about that in "Manage Jenkins" and on main page.

      I want to uninstall that plugin as now build pipeline should be used instead but I can't because I use the external resource dispatcher plugin.

      Can you please create a new version that drops support for (and dependency to) build flow plugin?

          [JENKINS-43497] Remove dependency on obsolete "Build flow" plugin which has a security vulnerability

          Andrei Costescu created issue -

          SCM/JIRA link daemon added a comment -

          Code changed in jenkins
          User: Sean Jones
          Path:
          .gitignore
          pom.xml
          src/main/java/com/sonyericsson/jenkins/plugins/externalresource/dispatcher/extensions/BuildFlowPluginExtension.java
          src/main/java/com/sonyericsson/jenkins/plugins/externalresource/dispatcher/utils/JsonRpcUtil.java
          src/test/java/com/sonyericsson/jenkins/plugins/externalresource/dispatcher/utils/resourcemanagers/ExternalResourceManagerTest.java
          http://jenkins-ci.org/commit/external-resource-dispatcher-plugin/c19f9572f40f59b8c198ef659586139b4526d7db
          Log:
          Merge pull request #8 from rsandell/optional-build-flow-dep

          JENKINS-43497 Make Build Flow Plugin an optional dependency

          Compare: https://github.com/jenkinsci/external-resource-dispatcher-plugin/compare/97514a8898f1...c19f9572f40f

          SCM/JIRA link daemon added a comment - Code changed in jenkins User: Sean Jones Path: .gitignore pom.xml src/main/java/com/sonyericsson/jenkins/plugins/externalresource/dispatcher/extensions/BuildFlowPluginExtension.java src/main/java/com/sonyericsson/jenkins/plugins/externalresource/dispatcher/utils/JsonRpcUtil.java src/test/java/com/sonyericsson/jenkins/plugins/externalresource/dispatcher/utils/resourcemanagers/ExternalResourceManagerTest.java http://jenkins-ci.org/commit/external-resource-dispatcher-plugin/c19f9572f40f59b8c198ef659586139b4526d7db Log: Merge pull request #8 from rsandell/optional-build-flow-dep JENKINS-43497 Make Build Flow Plugin an optional dependency Compare: https://github.com/jenkinsci/external-resource-dispatcher-plugin/compare/97514a8898f1...c19f9572f40f

          Andrei Costescu added a comment - - edited

          Should this case still be in "Open"? I see a pull req. was merged for it (thanks ).

          Or are you waiting for it to be released?

          Andrei Costescu added a comment - - edited Should this case still be in "Open"? I see a pull req. was merged for it (thanks ). Or are you waiting for it to be released?
          Andrei Costescu made changes -
          Assignee Original: Sean Jones [ neuralsandwich ] New: Andrei Costescu [ costescuandrei ]

          Andrei Costescu added a comment -

          No new plugin version was released yet.

          When is the next version of the plugin scheduled to be released?

          Andrei Costescu added a comment - No new plugin version was released yet. When is the next version of the plugin scheduled to be released?

            costescuandrei Andrei Costescu
            costescuandrei Andrei Costescu
            Votes:
            1 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: