[JIRA] (JENKINS-38254) Plugin impacted by SECURITY-170
Title: Message Title Pavel Dotsulenko commented on JENKINS-38254 Re: Plugin impacted by SECURITY-170 Hi Daniel Pfeiffer, new plugin version 1.1.4 has been pushed to the Jenkins plugin repo, it will available for download in the update center in 8-12 hours Add Comment This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-38254) Plugin impacted by SECURITY-170
Title: Message Title Pavel Dotsulenko resolved as Fixed Jenkins / JENKINS-38254 Plugin impacted by SECURITY-170 Change By: Pavel Dotsulenko Status: In Progress Resolved Resolution: Fixed Add Comment This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-38254) Plugin impacted by SECURITY-170
Title: Message Title Pavel Dotsulenko started work on JENKINS-38254 Change By: Pavel Dotsulenko Status: Open In Progress Add Comment This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-38254) Plugin impacted by SECURITY-170
Title: Message Title Pavel Dotsulenko commented on JENKINS-38254 Re: Plugin impacted by SECURITY-170 Hi Daniel Pfeiffer, thanks for the report! We are working on a fix and we'll notify you as soon as new plugin version is released. Add Comment This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-38254) Plugin impacted by SECURITY-170
Title: Message Title Daniel Pfeiffer created an issue Jenkins / JENKINS-38254 Plugin impacted by SECURITY-170 Issue Type: Bug Assignee: Pavel Dotsulenko Components: assembla-merge-request-builder-plugin Created: 2016/Sep/15 4:19 PM Environment: Jenkins 2.7.4 Priority: Major Reporter: Daniel Pfeiffer https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11 The plugin is no longer working out-of-the-box because of SECURITY-170. As a temporary workaround, adding the following launch command to Jenkins does work: -Dhudson.model.ParametersAction.safeParameters=assemblaSourceSpaceId,assemblaAuthorName,assemblaDescription,assemblaSourceRepositoryUrl,assemblaTargetBranch,assemblaSourceRepositoryName,assemblaTargetRepositoryUrl,assemblaMergeRequestId,assemblaRefName,assemblaSourceBranch
