Upgrade commons-compress to 1.24.0

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

    • 2.423, 2.414.3

      Problem

      Jenkins core prior to Jenkins 2.423 ships an outdated release of commons-compress that is affected by CVE-2023-42503.

      Solution

      Upgrade commons-compress from its current release to the latest release (at the time of this writing, 1.24.0)

      Success criteria

      The success criteria for this ticket are as follows:

      • Jenkins released with commons-compress 1.24.0 - Jenkins 2.423 and later (GitHub commit)

            Assignee:
            Unassigned
            Reporter:
            Rafael
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Resolved:
              Archived: