Hello team.
How exposed is the plugin and does it need to be patched? Our team disabled it to prevent problems over the weekend, but would be great to know if we can re-enable it.
Thanks
Chris
Hi @CQ and @Jeff Smith
Please check the full information here.
Thank you.
Kind regards,
Rogerio Paiva [Xray Support Team]
Hi Rogerio,
I appreciate the response and letting us know about the update. However, it has come to our attention that there are also log4j vulnerabilities with version 2.16 and that 2.17 is now available. Have you investigated whether or not the plugin needs another log4j update?
Regards,
Jeff
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi again Rogerio,
I just found my answer here: https://github.com/jenkinsci/xray-connector-plugin/issues/57
The new plugin (2.5.3) was released a few hours ago.
Thanks again,
Jeff
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
We are also interested in knowing when this will be patched.
Jeff Smith
Systems/QA Engineer
MedImpact Inc
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.