Draft JEP: Switch Remoting/XStream blacklist to a whitelist

17 views
Skip to first unread message

Jesse Glick

unread,
Oct 30, 2017, 6:10:25 PM10/30/17
to Jenkins Dev
After some discussion within the CERT team, I am happy to propose

https://github.com/jenkinsci/jep/pull/23/files?short_path=b956eee

as a security hardening measure going forward.

(Yes I know the JEP process itself has not been formally adopted yet,
but I figured it could not hurt to start exercising it.)

Liam Newman

unread,
Nov 1, 2017, 5:29:22 PM11/1/17
to Jenkins Developers
This submission has been approved as Draft JEP-200. 

Reply all
Reply to author
Forward
0 new messages