Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-66507

update xstream to 1.4.18

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      https://github.com/jenkinsci/jenkins/pull/5685 updated XStream (Jenkins 2.309 and higher).

      The library has a public CVE and whilst Jenkins already uses an allow list so is not impacted it would be nice to pull this update into the LTS version to keep some scanners happy.

      This is a retrospective ticket that was assigned after the fact to start an LTS backport discussion.

      See also https://groups.google.com/g/jenkinsci-dev/c/jX0f6Kz6zhc 

        Attachments

          Issue Links

            Activity

            There are no comments yet on this issue.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              teilo James Nord
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: