is there any issue tracker for issues listed in https://jenkins.io/security/advisory/2017-04-10/
19 views
Skip to first unread message
Ted Xiao
Apr 16, 2017, 10:01:14 AM4/16/17
to Jenkins Developers
I am a plugin develop, and I am fixing the issue SECURITY-496 SECURITY-479 , is there any issue tracker to update the status?
I tried https://issues.jenkins-ci.org/browse/SECURITY-496 but not work
Stephen Connolly
Apr 16, 2017, 10:13:21 AM4/16/17
to jenkin...@googlegroups.com
That is the correct URL
I cannot recall what the policy is on making the SECURITY JIRA issues public. Currently that URL is only visible to the reporter and people on the cert list
On Sun 16 Apr 2017 at 15:01, Ted Xiao <xia...@gmail.com> wrote:
I am a plugin develop, and I am fixing the issue SECURITY-496 SECURITY-479 , is there any issue tracker to update the status?I tried https://issues.jenkins-ci.org/browse/SECURITY-496 but not work
--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-de...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/3b1addf7-dcf1-4a6e-aca4-5fdda71247d5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Sent from my phone
Daniel Beck
Apr 16, 2017, 5:19:53 PM4/16/17
to jenkin...@googlegroups.com
> On 16.04.2017, at 16:01, Ted Xiao <xia...@gmail.com> wrote:
>
> I am a plugin develop, and I am fixing the issue SECURITY-496 SECURITY-479 , is there any issue tracker to update the status?
> I tried https://issues.jenkins-ci.org/browse/SECURITY-496 but not work
what's your Jira user name? This is the first (and hopefully last) time we had to publish an advisory before even assigning to plugin maintainers, but I can still do that now. The issue would remain private however.
If you prefer to track progress of your fix publicly (so plugin users can see it), just file a new issue and mention that it relates to SECURITY-496.
Daniel
Ted Xiao
Apr 17, 2017, 4:30:02 AM4/17/17
to Jenkins Developers, m...@beckweb.net
my jira account is fengxx, I made some changes and introduced SecureGroovyScript for new installment, hope it can mitigate the security issue.
A new version is published, hope get some review from security experts , and to check is there any other issue to fix.
Reply all
Reply to author
Forward
0 new messages