The following Jenkins plugin updates have been released to fix security vulnerabilities:
* Bumblebee HP ALM Plugin 4.1.4
* Cadence vManager Plugin 2.7.1
* CRX Content Package Deployer Plugin 1.9
* Google Kubernetes Engine Plugin 0.7.1
* Google OAuth Credentials Plugin 0.10
* iceScrum Plugin 1.1.6
* NeoLoad Plugin 2.2.6
Additionally, we announce unresolved security issues in the following plugins:
* Delphix Plugin
* ElasticBox CI Plugin
* Extensive Testing Plugin
* Fortify on Demand Plugin
* Puppet Enterprise Pipeline Plugin
* Oracle Cloud Infrastructure Compute Classic Plugin
* Rundeck Plugin
* SOASTA CloudTest Plugin
* Sofy.AI Plugin
* View26 Test-Reporting Plugin
Please see the advisory for more information:
https://jenkins.io/security/advisory/2019-10-16/