[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev commented on JENKINS-50616:
JENKINS-51074 has been created as a follow-up.
This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e) -- You received this message because you are subscribed to the Google Groups "Jenkins Issues" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev updated JENKINS-50616:
I would say that this issue is fixed. We worked around it by applying patches in the core. Ruby Runtime fixes are up to plugin maintainers, because we cannot really do anything with that without a huge rework.
Change By: Oleg Nenashev
Status: In Review → Resolved
Resolution: Fixed
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oliver Gondža updated an issue:
Change By: Oliver Gondža
Labels: 2.107.3-fixed JEP-200 lts-candidate
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
SCM/JIRA link daemon commented on JENKINS-50616:
Code changed in jenkins
User: Oleg Nenashev
Path: core/src/main/resources/jenkins/security/whitelisted-classes.txt
http://jenkins-ci.org/commit/jenkins/a16779e4e24bcc884427325a4692c60484a87389
Log:
JENKINS-50616 - Add org.jruby.RubyNil to the whitelist (#3404)
JENKINS-50616 - Add org.jruby.RubyNil to the whitelist
JENKINS-50616 - Fix the typo in the comment
(cherry picked from commit fc6137873956ef1645dccd1ff3688dbf42dff7d5)
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
SCM/JIRA link daemon commented on JENKINS-50616:
Code changed in jenkins
User: Oleg Nenashev
Path: core/src/main/resources/jenkins/security/whitelisted-classes.txt
http://jenkins-ci.org/commit/jenkins/fc6137873956ef1645dccd1ff3688dbf42dff7d5
Log:
JENKINS-50616 - Add org.jruby.RubyNil to the whitelist (#3404)
JENKINS-50616 - Add org.jruby.RubyNil to the whitelist
JENKINS-50616 - Fix the typo in the comment
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev updated an issue:
Change By: Oleg Nenashev
Labels: JEP-200 lts-candidate
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev commented on JENKINS-50616:
Created https://github.com/jenkinsci/jenkins/pull/3404. I do not believe it can be backported to 2.107.x, but CC Oliver Gondža just in case. It may need backporting to the next baseline anyway.
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev updated an issue:
Change By: Oleg Nenashev
Component/s: core
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev commented on JENKINS-50616:
OK, will create a PR in a few minutes.
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Jesse Glick commented on JENKINS-50616:
Oleg Nenashev yes we should add RubyNil to the existing core whitelist—pending merge, release, and general adoption of the plugin fix.
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev commented on JENKINS-50616:
Summary of the review:
- https://github.com/jenkinsci/ruby-runtime-plugin is an obsolete repository. At some point the code has been moved to https://github.com/jenkinsci/jenkins.rb/blob/master/java-runtime , and currently there is a split-brain between repositories.
- Although we have proposed fixes, both Jesse Glick and I failed to quickly set up an environment for the jenkins.rb fix and release.
- We have contacted the maintainer of jenkins.rb to get his help with these fixes.
Jesse Glick What would you say if we add this particular whitelist entry to the core? It should not make things much worse since we whitelist other entries there.
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Joe Fowler commented on JENKINS-50616:
Oleg Nenashev, yes, we should be able to try a patch once you have one available. Thanks!
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev commented on JENKINS-50616:
Joe Fowler If you have not installed my patch yet, please don't. There is a mess with source code hosting we need to investigate. I will try to do it next week.
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev commented on JENKINS-50616:
Joe Fowler would you be able to test a patch from https://ci.jenkins.io/blue/organizations/jenkins/Plugins%2Fruby-runtime-plugin/detail/PR-6/5/artifacts ?
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev updated JENKINS-50616:
Change By: Oleg Nenashev
Status: In Progress → In Review
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev started work on JENKINS-50616:
Change By: Oleg Nenashev
Status: Open → In Progress
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev updated an issue:
Change By: Oleg Nenashev
Labels: JEP-200
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev commented on JENKINS-50616:
CI-Skip Uses RubyRuntime, which is known to be impacted by JEP-200. Before the release in 2.102 we have whitelisted classes on the core's side: https://github.com/jenkinsci/jenkins/blob/master/core/src/main/resources/jenkins/security/whitelisted-classes.txt#L177-L189 . But apparently this whitelist is not enough. Ideally we need https://github.com/jenkinsci/ruby-runtime-plugin/pull/5 to be updated and released. The plugin has no maintainer, but I will check whether we can do that.
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev assigned an issue to Oleg Nenashev:
Change By: Oleg Nenashev
Assignee: Kohei Hasegawa → Oleg Nenashev
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Oleg Nenashev updated an issue:
Change By: Oleg Nenashev
Component/s: ruby-runtime
Component/s: ruby-runtime-plugin
[JIRA] (JENKINS-50616) JEP-200 Refusing to marshal org.jruby.RubyNil for security reasons
Joe Fowler created an issue:
Issue Type: Bug
Assignee: Kohei Hasegawa
Components: ci-skip-plugin
Created: 2018-04-06 01:50
Environment:
    Ubuntu 16.04
    Jenkins 2.107.1
    ci-skip plugin 0.0.2
Priority: Major
Reporter: Joe Fowler

ci-skip setting on jobs can't be set. Setting it, and hitting 'Save' or Apply causes an UnsupportedOperationException with the following stack trace:

java.lang.UnsupportedOperationException: Refusing to marshal org.jruby.RubyNil for security reasons; see https://jenkins.io/redirect/class-filter/
    at hudson.util.XStream2$BlacklistedTypesConverter.marshal(XStream2.java:543)
    at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
    at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
    at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
    at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
    at org.jenkinsci.jruby.JRubyXStreamConverter.marshal(JRubyXStreamConverter.java:76)
    at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
    at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:58)
    at com.thoughtworks.xstream.core.TreeMarshaller.convertAnother(TreeMarshaller.java:43)
    at com.thoughtworks.xstream.core.AbstractReferenceMarshaller$1.convertAnother(AbstractReferenceMarshaller.java:88)
    at org.jenkinsci.jruby.JRubyXStreamConverter.marshal(JRubyXStreamConverter.java:76)
    at com.thoughtworks.xstream.core.AbstractReferenceMarshaller.convert(AbstractReferenceMarshaller.java:69)
    at com.though