Branch: refs/heads/master
  Home:   https://github.com/jenkinsci/jenkins
  Commit: a9aff088f327278a8873aef47fa8f80d3c5932fd
      
https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-05 (Sat, 05 Jan 2013)

  Changed paths:
    M core/pom.xml
    M core/src/main/java/hudson/DNSMultiCast.java
    M core/src/main/java/hudson/UDPBroadcastThread.java
    M core/src/main/java/hudson/console/AnnotatedLargeText.java
    M core/src/main/java/hudson/model/Job.java
    M core/src/main/java/hudson/model/UsageStatistics.java
    M core/src/main/java/hudson/security/RememberMeServicesProxy.java
    M core/src/main/java/hudson/security/SecurityRealm.java
    M core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
    M core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java
    M core/src/main/java/hudson/slaves/SlaveComputer.java
    M core/src/main/java/hudson/util/Secret.java
    M core/src/main/java/jenkins/model/Jenkins.java
    M core/src/main/java/jenkins/security/ApiTokenProperty.java
    A core/src/main/java/jenkins/security/ConfidentialKey.java
    A core/src/main/java/jenkins/security/ConfidentialStore.java
    A core/src/main/java/jenkins/security/CryptoConfidentialKey.java
    A core/src/main/java/jenkins/security/DefaultConfidentialStore.java
    A core/src/main/java/jenkins/security/HMACConfidentialKey.java
    A core/src/main/java/jenkins/security/HexStringConfidentialKey.java
    M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
    M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java
    M core/src/main/resources/hudson/slaves/SlaveComputer/slave-agent.jnlp.jelly
    A core/src/test/java/hudson/util/SecretTest.groovy
    R core/src/test/java/hudson/util/SecretTest.java
    A core/src/test/java/jenkins/security/ConfidentialStoreRule.java
    A core/src/test/java/jenkins/security/CryptoConfidentialKeyTest.groovy
    A core/src/test/java/jenkins/security/DefaultConfidentialStoreTest.groovy
    A core/src/test/java/jenkins/security/HMACConfidentialKeyTest.groovy
    A core/src/test/java/jenkins/security/HexStringConfidentialKeyTest.groovy
    M pom.xml
    M test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java

  Log Message:
  -----------
  [SECURITY-49] Deprecating Jenkins.getSecretKey()

We are replacing it with the ConfidentialStore class and the
ConfidentialKey class, which provide purpose-specific confidential
information that is separated from each other.

In this way, not all eggs are in one basket, and in case of a
compromise, the impact will be contained.

Also replaced several insecure uses of digest(secret|message) or
digest(message|secret) by HMAC.
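
Added example, not code from this commit or from Jenkins: the two ideas in the log message above, one independent key per purpose and HMAC in place of digest(secret|message). The class name, the purpose strings, the in-memory key map and the choice of SHA-256 are assumptions made for the illustration.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;

// Hypothetical illustration class; not the ConfidentialStore/ConfidentialKey API.
public class PurposeKeyDemo {
    private static final SecureRandom RNG = new SecureRandom();
    // One independent random key per purpose (in-memory stand-in for a key store),
    // so a leaked key for one feature says nothing about the others.
    private final Map<String, byte[]> keys = new HashMap<>();

    private synchronized byte[] keyFor(String purpose) {
        return keys.computeIfAbsent(purpose, p -> {
            byte[] k = new byte[32];
            RNG.nextBytes(k);
            return k;
        });
    }

    // For contrast only: the digest(secret|message) pattern. A bare hash over
    // secret||message is not a MAC; Merkle-Damgard hashes allow length extension.
    static byte[] legacyDigest(byte[] secret, String message) throws GeneralSecurityException {
        MessageDigest md = MessageDigest.getInstance("SHA-256");
        md.update(secret);
        return md.digest(message.getBytes(StandardCharsets.UTF_8));
    }

    // Replacement: HMAC keyed with the key that belongs to this purpose only.
    byte[] mac(String purpose, String message) throws GeneralSecurityException {
        Mac hmac = Mac.getInstance("HmacSHA256");
        hmac.init(new SecretKeySpec(keyFor(purpose), "HmacSHA256"));
        return hmac.doFinal(message.getBytes(StandardCharsets.UTF_8));
    }

    // Constant-time comparison of the recomputed tag with the presented one.
    boolean verify(String purpose, String message, byte[] tag) throws GeneralSecurityException {
        return MessageDigest.isEqual(mac(purpose, message), tag);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        PurposeKeyDemo store = new PurposeKeyDemo();
        String msg = "alice:10.0.0.5"; // constructed sample input
        byte[] tag = store.mac("crumb", msg);
        // The same tag checked under its own purpose, then under a different purpose key.
        System.out.println("crumb key accepts:       " + store.verify("crumb", msg, tag));
        System.out.println("remember-me key accepts: " + store.verify("remember-me", msg, tag));
    }
}
```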


  Commit: 4895eaafca468b7f0f1a3166b2fca7414f0d5da5
      
https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-05 (Sat, 05 Jan 2013)

  Changed paths:
    M core/src/main/java/hudson/util/Secret.java
    A core/src/main/java/hudson/util/SecretRewriter.java
    A core/src/main/java/jenkins/security/RekeySecretAdminMonitor.java
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/log.groovy
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.properties
    A core/src/test/java/hudson/util/MockSecretRule.java
    A core/src/test/java/hudson/util/SecretRewriterTest.groovy
    M core/src/test/java/hudson/util/SecretTest.groovy
    A test/src/main/java/hudson/util/SecretHelper.java
    A test/src/test/java/jenkins/security/RekeySecretAdminMonitorTest.java

  Log Message:
  -----------
  [SECURITY-49] added a tool to re-key secrets

As an AdministrativeMonitor, it shows up in the manage Jenkins UI, and
allows the administrator to run a re-keying operation.


  Commit: c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2
      
https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-05 (Sat, 05 Jan 2013)

  Changed paths:
    M core/src/main/java/jenkins/security/ConfidentialStore.java
    M core/src/main/java/jenkins/security/DefaultConfidentialStore.java

  Log Message:
  -----------
  [SECURITY-49] Backing off from @Extension-based discovery.

This is because we discovered some plugins that use Secret early on in
the initialization.


  Commit: 3dc13b957b14cec649036e8dd517f0f9cb21fb04
      
https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-05 (Sat, 05 Jan 2013)

  Changed paths:
    M core/src/main/java/jenkins/model/Jenkins.java
    M core/src/main/java/jenkins/security/RekeySecretAdminMonitor.java

  Log Message:
  -----------
  [SECURITY-49] mark secret.key generated by post SECURITY-49 Jenkins.

If JENKINS_HOME is created by a post SECURITY-49 Jenkins (LTS, and other
variants), then there's no need to alarm the user.


  Commit: 94a8789b699132dd706021a6be1b78bc47f19602
      
https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-05 (Sat, 05 Jan 2013)

  Changed paths:
    M core/src/main/java/jenkins/security/ApiTokenProperty.java
    M test/src/test/java/jenkins/security/ApiTokenPropertyTest.java

  Log Message:
  -----------
  [SECURITY-49] actively invalidate bad API tokens.

If the user still has the API token that's generated from secret.key,
don't accept that.

Hopefully this is the last fix


  Commit: 64eaa0f17d93485a124f1899f4c4569d339b8abb
      
https://github.com/jenkinsci/jenkins/commit/64eaa0f17d93485a124f1899f4c4569d339b8abb
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-07 (Mon, 07 Jan 2013)

  Changed paths:
    M core/pom.xml
    M core/src/main/java/hudson/DNSMultiCast.java
    M core/src/main/java/hudson/UDPBroadcastThread.java
    M core/src/main/java/hudson/console/AnnotatedLargeText.java
    M core/src/main/java/hudson/model/Job.java
    M core/src/main/java/hudson/model/UsageStatistics.java
    M core/src/main/java/hudson/security/RememberMeServicesProxy.java
    M core/src/main/java/hudson/security/SecurityRealm.java
    M core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
    M core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java
    M core/src/main/java/hudson/slaves/SlaveComputer.java
    M core/src/main/java/hudson/util/Secret.java
    A core/src/main/java/hudson/util/SecretRewriter.java
    M core/src/main/java/jenkins/model/Jenkins.java
    M core/src/main/java/jenkins/security/ApiTokenProperty.java
    A core/src/main/java/jenkins/security/ConfidentialKey.java
    A core/src/main/java/jenkins/security/ConfidentialStore.java
    A core/src/main/java/jenkins/security/CryptoConfidentialKey.java
    A core/src/main/java/jenkins/security/DefaultConfidentialStore.java
    A core/src/main/java/jenkins/security/HMACConfidentialKey.java
    A core/src/main/java/jenkins/security/HexStringConfidentialKey.java
    A core/src/main/java/jenkins/security/RekeySecretAdminMonitor.java
    M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
    M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java
    M core/src/main/resources/hudson/slaves/SlaveComputer/slave-agent.jnlp.jelly
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/log.groovy
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.properties
    A core/src/test/java/hudson/util/MockSecretRule.java
    A core/src/test/java/hudson/util/SecretRewriterTest.groovy
    A core/src/test/java/hudson/util/SecretTest.groovy
    R core/src/test/java/hudson/util/SecretTest.java
    A core/src/test/java/jenkins/security/ConfidentialStoreRule.java
    A core/src/test/java/jenkins/security/CryptoConfidentialKeyTest.groovy
    A core/src/test/java/jenkins/security/DefaultConfidentialStoreTest.groovy
    A core/src/test/java/jenkins/security/HMACConfidentialKeyTest.groovy
    A core/src/test/java/jenkins/security/HexStringConfidentialKeyTest.groovy
    M pom.xml
    A test/src/main/java/hudson/util/SecretHelper.java
    M test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
    M test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
    A test/src/test/java/jenkins/security/RekeySecretAdminMonitorTest.java

  Log Message:
  -----------
  Merge branch 'SECURITY-49' into rc


  Commit: b512c5edc1b939afc45a7bd50f1854b960e269b7
      
https://github.com/jenkinsci/jenkins/commit/b512c5edc1b939afc45a7bd50f1854b960e269b7
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-07 (Mon, 07 Jan 2013)

  Changed paths:
    M cli/pom.xml
    M core/pom.xml
    M maven-plugin/pom.xml
    M plugins/pom.xml
    M pom.xml
    M test/pom.xml
    M ui-samples-plugin/pom.xml
    M war/pom.xml

  Log Message:
  -----------
  [maven-release-plugin] prepare release jenkins-1.498


  Commit: c58af12b76cee36db07a56acdee141aee17e7b77
      
https://github.com/jenkinsci/jenkins/commit/c58af12b76cee36db07a56acdee141aee17e7b77
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-07 (Mon, 07 Jan 2013)

  Changed paths:
    M cli/pom.xml
    M core/pom.xml
    M maven-plugin/pom.xml
    M plugins/pom.xml
    M pom.xml
    M test/pom.xml
    M ui-samples-plugin/pom.xml
    M war/pom.xml

  Log Message:
  -----------
  [maven-release-plugin] prepare for next development iteration


  Commit: 5604a3a4a3fb2c68ce432f9f948cced7272086b4
      
https://github.com/jenkinsci/jenkins/commit/5604a3a4a3fb2c68ce432f9f948cced7272086b4
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-07 (Mon, 07 Jan 2013)

  Changed paths:
    M changelog.html

  Log Message:
  -----------
  updated changelog for release


  Commit: 0cef41351466322d19c264e538bfaddb06ca41c3
      
https://github.com/jenkinsci/jenkins/commit/0cef41351466322d19c264e538bfaddb06ca41c3
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-07 (Mon, 07 Jan 2013)

  Changed paths:
    M debian/debian/changelog

  Log Message:
  -----------
  updated changelog as a part of the release


  Commit: b4a17d3b450acab62522a31f0f44e1f30e2c5353
      
https://github.com/jenkinsci/jenkins/commit/b4a17d3b450acab62522a31f0f44e1f30e2c5353
  Author: Kohsuke Kawaguchi <[email protected]>
  Date:   2013-01-07 (Mon, 07 Jan 2013)

  Changed paths:
    M changelog.html
    M core/pom.xml
    M core/src/main/java/hudson/DNSMultiCast.java
    M core/src/main/java/hudson/UDPBroadcastThread.java
    M core/src/main/java/hudson/console/AnnotatedLargeText.java
    M core/src/main/java/hudson/model/Job.java
    M core/src/main/java/hudson/model/UsageStatistics.java
    M core/src/main/java/hudson/security/RememberMeServicesProxy.java
    M core/src/main/java/hudson/security/SecurityRealm.java
    M core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
    M core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java
    M core/src/main/java/hudson/slaves/SlaveComputer.java
    M core/src/main/java/hudson/util/Secret.java
    A core/src/main/java/hudson/util/SecretRewriter.java
    M core/src/main/java/jenkins/model/Jenkins.java
    M core/src/main/java/jenkins/security/ApiTokenProperty.java
    A core/src/main/java/jenkins/security/ConfidentialKey.java
    A core/src/main/java/jenkins/security/ConfidentialStore.java
    A core/src/main/java/jenkins/security/CryptoConfidentialKey.java
    A core/src/main/java/jenkins/security/DefaultConfidentialStore.java
    A core/src/main/java/jenkins/security/HMACConfidentialKey.java
    A core/src/main/java/jenkins/security/HexStringConfidentialKey.java
    A core/src/main/java/jenkins/security/RekeySecretAdminMonitor.java
    M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
    M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java
    M core/src/main/resources/hudson/slaves/SlaveComputer/slave-agent.jnlp.jelly
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/log.groovy
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy
    A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.properties
    A core/src/test/java/hudson/util/MockSecretRule.java
    A core/src/test/java/hudson/util/SecretRewriterTest.groovy
    A core/src/test/java/hudson/util/SecretTest.groovy
    R core/src/test/java/hudson/util/SecretTest.java
    A core/src/test/java/jenkins/security/ConfidentialStoreRule.java
    A core/src/test/java/jenkins/security/CryptoConfidentialKeyTest.groovy
    A core/src/test/java/jenkins/security/DefaultConfidentialStoreTest.groovy
    A core/src/test/java/jenkins/security/HMACConfidentialKeyTest.groovy
    A core/src/test/java/jenkins/security/HexStringConfidentialKeyTest.groovy
    M debian/debian/changelog
    M pom.xml
    A test/src/main/java/hudson/util/SecretHelper.java
    M test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
    M test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
    A test/src/test/java/jenkins/security/RekeySecretAdminMonitorTest.java

  Log Message:
  -----------
  merged back the RC branch

Conflicts:
        changelog.html


Compare: 
https://github.com/jenkinsci/jenkins/compare/cc32c22a5d61...b4a17d3b450a
