Jenkins security advisory

[Daniel Beck]

The following Jenkins plugin updates have been released to fix security vulnerabilities:

* Bumblebee HP ALM Plugin 4.1.4
* Cadence vManager Plugin 2.7.1
* CRX Content Package Deployer Plugin 1.9
* Google Kubernetes Engine Plugin 0.7.1
* Google OAuth Credentials Plugin 0.10
* iceScrum Plugin 1.1.6
* NeoLoad Plugin 2.2.6

Additionally, we announce unresolved security issues in the following plugins:

* Delphix Plugin
* ElasticBox CI Plugin
* Extensive Testing Plugin
* Fortify on Demand Plugin
* Puppet Enterprise Pipeline Plugin
* Oracle Cloud Infrastructure Compute Classic Plugin
* Rundeck Plugin
* SOASTA CloudTest Plugin
* Sofy.AI Plugin
* View26 Test-Reporting Plugin

Please see the advisory for more information:
https://jenkins.io/security/advisory/2019-10-16/

[Daniel Beck]

The following Jenkins plugin updates have been released to fix security vulnerabilities:

* Bitbucket OAuth Plugin 0.10
* Dynatrace Application Monitoring Plugin 2.1.4
* Mattermost Notification Plugin 2.7.1
* Zulip Plugin 1.1.1

Additionally, we announce unresolved security issues in the following plugins:

* 360 FireLine Plugin
* build-metrics Plugin
* Deploy WebLogic Plugin
* Dynatrace Application Monitoring Plugin
* ElasticBox Jenkins Kubernetes CI/CD Plugin
* Global Post Script Plugin
* Libvirt Slaves Plugin
* Sonar Gerrit Plugin

Please see the advisory for more information:

https://jenkins.io/security/advisory/2019-10-23/