- 10 9月, 2015 2 次提交
-
-
由 Oleg Nenashev 提交于
-
由 Oleg Nenashev 提交于
-
- 18 3月, 2015 2 次提交
-
-
由 Jesse Glick 提交于
-
由 Oliver Gondža 提交于
-
- 17 3月, 2015 6 次提交
-
-
由 Kohsuke Kawaguchi 提交于
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-177] Reflected XSS in AdjunctManager.doDynamic
-
由 Kohsuke Kawaguchi 提交于
Added a test case to cover bases
-
由 Jesse Glick 提交于
Conflicts: test/src/test/java/hudson/model/UserTest.java
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-171] XSS in FormValidation._error(..., Throwable, ...)
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-180] arbitrary API Token change/leak via changeToken
-
- 08 3月, 2015 5 次提交
-
-
由 Oliver Gondža 提交于
-
由 Oliver Gondža 提交于
-
由 Kohsuke Kawaguchi 提交于
-
由 Kohsuke Kawaguchi 提交于
Add nosniff header liberally to every request we serve.
-
由 Kohsuke Kawaguchi 提交于
-
- 28 2月, 2015 7 次提交
-
-
由 Kohsuke Kawaguchi 提交于
-
由 Kohsuke Kawaguchi 提交于
With the server-side download, the test needs to induce the update center metadata retrieval in a separate manner.
-
由 Jesse Glick 提交于
Conflicts: pom.xml
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-167] Plugin manager was also vulnerable to XXE attacks.
-
由 James Nord 提交于
Although the plugiun manager was vulnerable getting information out of Jenkins was harder - however it would still be possible to do bad things such as reading from /dev/zero on Linux
-
- 08 2月, 2015 2 次提交
-
-
由 Jesse Glick 提交于
Conflicts: test/src/test/java/hudson/tasks/ArtifactArchiverTest.java
-
由 Jesse Glick 提交于
[SECURITY-162] Forbid symlink attacks from artifact archiving
-
- 07 2月, 2015 3 次提交
-
-
由 Jesse Glick 提交于
Conflicts: core/src/main/java/hudson/model/Api.java
-
由 Robert Sandell 提交于
[SECURITY-165] blacklist the document xpath function for use in Api
-
由 Jesse Glick 提交于
-
- 06 2月, 2015 13 次提交
-
-
由 Robert Sandell 提交于
-
由 Robert Sandell 提交于
Review comments fixed: Added license header Reformat the issue comment Restricted NoExternalUse toLowerCase in English locale lesser resolution of declared exception from the test
-
由 Jesse Glick 提交于
Conflicts: test/src/test/java/hudson/tasks/BuildTriggerTest.java
-
由 Jesse Glick 提交于
@RandomlyFails
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-
由 Ryan Campbell 提交于
[SECURITY-166] Make UI tests work across Jenkins versions
-
由 Jesse Glick 提交于
Conflicts: core/src/main/java/hudson/ClassicPluginStrategy.java core/src/main/java/hudson/cli/AddJobToViewCommand.java core/src/main/java/hudson/model/Run.java core/src/main/java/hudson/tasks/junit/JUnitResultArchiver.java core/src/main/java/jenkins/model/IdStrategyDescriptor.java core/src/main/resources/hudson/model/AbstractProject/configure-common_ru.properties core/src/main/resources/hudson/model/AbstractProject/configure-common_tr.properties core/src/main/resources/hudson/model/Job/index.jelly core/src/main/resources/jenkins/model/IdStrategy/config.jelly core/src/main/resources/jenkins/model/Jenkins/MasterComputer/_api.jelly core/src/main/resources/jenkins/security/s2m/AdminCallableMonitor/message.jelly core/src/main/resources/jenkins/security/s2m/MasterKillSwitchWarning/message.jelly core/src/main/resources/jenkins/slaves/systemInfo/EnvVarsSlaveInfo/systemInfo.jelly core/src/main/resources/jenkins/slaves/systemInfo/Messages.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_da.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_de.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_es.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_fr.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_ja.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_nl.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_pt_BR.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_sv_SE.properties core/src/main/resources/jenkins/slaves/systemInfo/Messages_zh_TW.properties core/src/main/resources/lib/form/link.jelly core/src/main/resources/lib/hudson/failed-test_pt_BR.properties core/src/main/resources/lib/hudson/project/configurable.properties core/src/main/resources/lib/hudson/project/configurable_bg.properties core/src/main/resources/lib/hudson/project/configurable_es_AR.properties core/src/main/resources/lib/hudson/project/configurable_eu.properties core/src/main/resources/lib/hudson/project/configurable_gl.properties core/src/main/resources/lib/hudson/project/configurable_hi_IN.properties core/src/main/resources/lib/hudson/project/configurable_it.properties core/src/main/resources/lib/hudson/project/configurable_nl.properties core/src/main/resources/lib/hudson/project/configurable_sl.properties core/src/main/resources/lib/hudson/project/configurable_tr.properties core/src/main/resources/lib/hudson/project/console-link.jelly core/src/main/resources/lib/hudson/project/console-link_pt_BR.properties core/src/main/resources/lib/layout/breadcrumbBar_pt.properties core/src/main/resources/lib/layout/layout_pt.properties core/src/main/resources/lib/layout/main-panel_pt.properties core/src/main/resources/lib/layout/pane_de.properties core/src/main/resources/lib/layout/pane_pt.properties core/src/main/resources/lib/layout/pane_pt_BR.properties core/src/main/resources/lib/layout/progressiveRendering_pt.properties core/src/main/resources/lib/layout/task_pt.properties pom.xml test/pom.xml test/src/test/resources/lib/layout/IconTest/03_testTask.jelly war/src/main/webapp/scripts/msie.js
-
由 Jesse Glick 提交于
[SECURITY-125] Matrix project script security
-
由 Ryan Campbell 提交于
-
由 Robert Sandell 提交于
-
由 James Nord 提交于
[SECURITY-167] Followup tweaks to address review comments.
-