> On 24. Jul 2017, at 15:04, 'Bruno P. Kinoshita' via Jenkins Developers > <[email protected]> wrote: > > I had seen the security advisory, and in the Wiki and GitHub I can see some > progress made to fix some of the 5 issues. > > But I think the maintainer is the only one with access to read and comment in > the SECURITY-XXX tickets. > > At least that's what I recall from when I worked on an SECURITY issue. My > intention was to check the progress of tickets, see if there was a patch > somewhere to be tested, or a discussion going on. And then try to help > scriptler and any other plugin I use/used or that is a dependency in one of > the plugins I use. > > But I can wait till the maintainer has made further progress on the issues. I > will re-read the description of the security issues with more calm over the > next days, check latest code and try to liaise directly with the maintainer > if I have a patch. >
Hi Bruno, First, you're welcome to join the security team. We can always use the additional help! In this special case, if you're just interested in fixing this one issue, I can also make available whatever internal discussion and proposed code changes exists related to this issue. Whichever way you prefer, just let me know. Daniel -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/0CB35FBE-A5EE-47C0-B8C9-3D07CB0B2C6D%40beckweb.net. For more options, visit https://groups.google.com/d/optout.
