[JIRA] [core] (JENKINS-18884) Seperate Permission for People View to close Security Hole with AD Plugin

4 views
Skip to first unread message

harald.villinger@fmc-ag.com (JIRA)

unread,
Mar 3, 2016, 11:14:02 AM3/3/16
to jenkinsc...@googlegroups.com
Harald Villinger updated an issue
 
Jenkins / New Feature JENKINS-18884
Seperate Permission for People View to close Security Hole with AD Plugin
Change By: Harald Villinger
Environment: CentOS
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v6.4.2#64017-sha1:e244265)
Atlassian logo

harald.villinger@fmc-ag.com (JIRA)

unread,
Mar 3, 2016, 11:16:04 AM3/3/16
to jenkinsc...@googlegroups.com
Harald Villinger updated an issue
Change By: Harald Villinger
Environment: CentOS
Jenkins

hypery2k@web.de (JIRA)

unread,
Sep 16, 2018, 1:23:04 AM9/16/18
to jenkinsc...@googlegroups.com
Martin Reinhardt assigned an issue to Martin Reinhardt
Change By: Martin Reinhardt
Assignee: Martin Reinhardt
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

o.v.nenashev@gmail.com (JIRA)

unread,
Jan 28, 2019, 11:51:03 AM1/28/19
to jenkinsc...@googlegroups.com
Oleg Nenashev updated an issue
Change By: Oleg Nenashev
Labels: configuration permissions security security-hardening

vladimir.camaj@gmail.com (JIRA)

unread,
Mar 16, 2020, 8:58:03 AM3/16/20
to jenkinsc...@googlegroups.com
Vladimír Čamaj commented on New Feature JENKINS-18884
 
Re: Seperate Permission for People View to close Security Hole with AD Plugin

Created at 2013-07-23 10:03 Are you serious? What is the chance this security hole will be resolved this month? 
This message was sent by Atlassian Jira (v7.13.12#713012-sha1:6e07c38)
Atlassian logo

o.v.nenashev@gmail.com (JIRA)

unread,
Mar 16, 2020, 11:16:10 AM3/16/20
to jenkinsc...@googlegroups.com

Vladimír Čamaj

Please consider me as messenger here. First of all,  if this is a security issue from your point of view, please report it according to https://jenkins.io/security/#reporting-vulnerabilities .It is currently considered as a Security Hardening by the Jenkins security team (see the labels). Read as "request for enhancement". If you have additional data which may alter this decision, please report it to the security team. 

Everybody is also welcome to take over https://github.com/jenkinsci/jenkins/pull/1102 from ikedam and to get it over the line.

P.S: Personally I would love to see this fix integrated, and I consider it as important change to do. I am happy to help with reviews and with getting this change delivered, but I do not plan to work on this issue on my own.

 
Reply all
Reply to author
Forward
0 new messages