-
Task
-
Resolution: Fixed
-
Minor
-
None
This library should be updated to match the version being released in pam-auth-plugin.
- links to
[JENKINS-53055] Upgrade jenkins-core use of libpam4j to 1.11
Description | Original: The currently used version is rather out of date and has a theoretical security issue that doesn't seem to affect Jenkins, but it does show up in security scanning tools as an annoyance. |
New:
The currently used version is rather out of date and has a theoretical security issue that doesn't seem to affect Jenkins, but it does show up in security scanning tools as an annoyance. Code changes between 1.8 and 1.11: https://github.com/kohsuke/libpam4j/compare/libpam4j-1.8...libpam4j-1.11 |
Status | Original: Open [ 1 ] | New: In Progress [ 3 ] |
Status | Original: In Progress [ 3 ] | New: In Review [ 10005 ] |
Remote Link | New: This issue links to "PR-3589 (Web Link)" [ 21317 ] |
Summary | Original: Upgrade jenkins-core use of libpam4j to 1.11 | New: Remove libpam4j from Jenkins Core |
Description |
Original:
The currently used version is rather out of date and has a theoretical security issue that doesn't seem to affect Jenkins, but it does show up in security scanning tools as an annoyance. Code changes between 1.8 and 1.11: https://github.com/kohsuke/libpam4j/compare/libpam4j-1.8...libpam4j-1.11 |
New: This library is no longer used directly by Jenkins Core ever since PAM support was extracted into pam-auth-plugin. |
Summary | Original: Remove libpam4j from Jenkins Core | New: Upgrade jenkins-core use of libpam4j to 1.11 |
Description | Original: This library is no longer used directly by Jenkins Core ever since PAM support was extracted into pam-auth-plugin. | New: This library should be updated to match the version being released in pam-auth-plugin. |
Added link to pull request.