Releases: jenkinsci/aws-credentials-plugin
Releases · jenkinsci/aws-credentials-plugin
191.vcb_f183ce58b_9
🐛 Bug fixes
- [SECURITY-2351] CVE-2022-27198 (CSRF), CVE-2022-27199 (permission check)
CloudBees AWS Credentials Plugin 189.v3551d5642995 and earlier does not perform a permission check in a method implementing form validation. Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.
189.v3551d5642995
🐛 Bug fixes
- JENKINS-67452 - Do not add blank external ids (#125) @jtnord
📦 Dependency updates
- Bump plugin from 4.28 to 4.33 (#123) @dependabot
- Bump git-changelist-maven-extension from 1.2 to 1.3 (#120) @dependabot
👻 Maintenance
Contributors
Vlatombe, jtnord, and dependabot
Assets 2
1.33
🚀 New features and improvements
- JENKINS-65105 - : Support for externalID when using role (#88) @hitesh22
📦 Dependency updates
- Bump bom-2.249.x from 950.v396cb834de1e to 961.vf0c9f6f59827 (#104) @dependabot
- Bump plugin from 4.27 to 4.28 (#106) @dependabot
Contributors
hitesh22 and dependabot
Assets 2
1.32
33b7d79
This commit was signed with the committer’s verified signature.
The key has expired.
Vlatombe
Vincent Latombe
🚀 New features and improvements
📦 Dependency updates
- Use version from bom (#102) @Vlatombe
- Replace heavyweight aws-java-sdk with fine-grained aws-java-sdk-ec2 (#93) @Vlatombe
- Bump plugin from 4.2 to 4.27 (#98) @dependabot
- Bump git-changelist-maven-extension from 1.0-beta-7 to 1.2 (#100) @dependabot
Contributors
jglick, Vlatombe, and dependabot
