The following Jenkins plugin updates contain fixes for security vulnerabilities:
* Azure AD Plugin 397.v907382dd9b_98 and 378.380.v545b_1154b_3fb_
* Bitbucket Push and Pull Request Plugin 2.8.4
* Google Login Plugin 1.8
* Job Configuration History Plugin 1229.v3039470161a_d
* Pipeline Maven Integration Plugin 1331.v003efa_fd6e81
* Qualys Container Scanning Connector Plugin 1.6.2.7
* SSH2 Easy Plugin 1.6
Additionally, we announce unresolved security issues in the following plugins:
* Assembla Auth Plugin
* AWS CodeCommit Trigger Plugin
* Frugal Testing Plugin
* Ivy Plugin
* TAP Plugin
Please see the advisory for more information:
https://www.jenkins.io/security/advisory/2023-09-06/