[JIRA] (JENKINS-58892) Remove build-pipeline-plugin from setup wizard

6 views
Skip to first unread message

o.v.nenashev@gmail.com (JIRA)

unread,
Aug 12, 2019, 7:39:05 AM8/12/19
to jenkinsc...@googlegroups.com
Oleg Nenashev created an issue
 
Jenkins / Task JENKINS-58892
Remove build-pipeline-plugin from setup wizard
Issue Type: Task Task
Assignee: Unassigned
Components: core
Created: 2019-08-12 11:38
Labels: lts-candidate installationWizard
Priority: Minor Minor
Reporter: Oleg Nenashev

Placeholder for https://github.com/jenkinsci/jenkins/pull/4147 from Daniel Beck

"I announced an unfixed security vulnerability in Build Pipeline Plugin today, after a year or so without a response by the maintainer. I tried contacting them via email too.

Sure, this may be one of the less notable security issues, but IMO it's still a problem for a plugin present in the setup wizard – especially given that there's no warning support here. Right now, users might "Select All" and be greeted with a security warning afterwards. Not good. (I cannot enable/disable them based on core version, only plugin version.)

"
Add Comment Add Comment
 
This message was sent by Atlassian Jira (v7.11.2#711002-sha1:fdc329d)

dbeck@cloudbees.com (JIRA)

unread,
Sep 6, 2019, 10:21:03 AM9/6/19
to jenkinsc...@googlegroups.com
Daniel Beck resolved as Fixed
Change By: Daniel Beck
Status: Open Resolved
Resolution: Fixed
Released As: jenkins-2.190

dbeck@cloudbees.com (JIRA)

unread,
Sep 6, 2019, 10:22:02 AM9/6/19
to jenkinsc...@googlegroups.com
Daniel Beck updated an issue
Change By: Daniel Beck
Labels: installationWizard lts-candidate

dbeck@cloudbees.com (JIRA)

unread,
Sep 6, 2019, 10:31:02 AM9/6/19
to jenkinsc...@googlegroups.com
Daniel Beck commented on Task JENKINS-58892
 
Re: Remove build-pipeline-plugin from setup wizard

2.190 is the chosen baseline, so no need for this issue.
Reply all
Reply to author
Forward
0 new messages