Multiple Jenkins plugins received updates today that fix several security vulnerabilities.

Additionally, the Multijob Plugin also received a security update several weeks ago.

For an overview of these security fixes, see the security advisory.

Active Choices Plugin distribution had been suspended since April due to its mandatory dependency on the suspended Scriptler Plugin. That dependency has been made optional, so Active Choices can be used without having Scriptler installed. This means we are able to resume distribution of Active Choices Plugin again. It should be available on update sites later today.

We also announced a medium severity security vulnerability in SCP publisher plugin that does not have a fix at this time.

Subscribe to the jenkinsci-advisories mailing list to receive important future notifications related to Jenkins security.

About the Author
Daniel Beck

Daniel is a Jenkins core maintainer and, as security officer, leads the Jenkins security team. He sometimes contributes to developer documentation and project infrastructure.