|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
This is a necessary security fix to resolve a vulnerability whereby commit access to one portion of a subversion repository can be used to hijack Jenkins' credentials (which are typically global read) to gain read access to the rest of the repository. A valid enhancement request would be a checkbox to allow opting in to using the module credentials on matching externals