my jira account is fengxx, I made some changes and introduced SecureGroovyScript for new installment, hope it can mitigate the security issue. A new version is published, hope get some review from security experts , and to check is there any other issue to fix.
On Monday, April 17, 2017 at 5:19:53 AM UTC+8, Daniel Beck wrote: > > > > On 16.04.2017, at 16:01, Ted Xiao <[email protected] <javascript:>> > wrote: > > > > I am a plugin develop, and I am fixing the issue SECURITY-496 > SECURITY-479 , is there any issue tracker to update the status? > > I tried https://issues.jenkins-ci.org/browse/SECURITY-496 but not work > > Hi Ted, > > what's your Jira user name? This is the first (and hopefully last) time we > had to publish an advisory before even assigning to plugin maintainers, but > I can still do that now. The issue would remain private however. > > If you prefer to track progress of your fix publicly (so plugin users can > see it), just file a new issue and mention that it relates to SECURITY-496. > > Daniel > > -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/ecb87dec-d8ae-4268-a3e9-b7ef3750186d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
