- 30 9月, 2015 2 次提交
-
-
由 Jesse Glick 提交于
[FIXED SECURITY-192] - Require Jenkins.READ permissions to access CLI pages
-
由 Oleg Nenashev 提交于
-
- 29 9月, 2015 1 次提交
-
-
由 Oleg Nenashev 提交于
-
- 25 9月, 2015 2 次提交
-
-
由 valentina 提交于
[SECURITY-173] use XMLUtils safe transformation to create a job from xml
-
由 Valentina Armenise 提交于
-
- 23 9月, 2015 1 次提交
-
-
由 Oleg Nenashev 提交于
-
- 22 9月, 2015 1 次提交
-
-
由 Oleg Nenashev 提交于
-
- 21 9月, 2015 1 次提交
-
-
由 Oleg Nenashev 提交于
-
- 10 9月, 2015 1 次提交
-
-
由 Oleg Nenashev 提交于
-
- 18 3月, 2015 2 次提交
-
-
由 Jesse Glick 提交于
-
由 Oliver Gondža 提交于
-
- 17 3月, 2015 6 次提交
-
-
由 Kohsuke Kawaguchi 提交于
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-177] Reflected XSS in AdjunctManager.doDynamic
-
由 Kohsuke Kawaguchi 提交于
Added a test case to cover bases
-
由 Jesse Glick 提交于
Conflicts: test/src/test/java/hudson/model/UserTest.java
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-171] XSS in FormValidation._error(..., Throwable, ...)
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-180] arbitrary API Token change/leak via changeToken
-
- 08 3月, 2015 5 次提交
-
-
由 Oliver Gondža 提交于
-
由 Oliver Gondža 提交于
-
由 Kohsuke Kawaguchi 提交于
-
由 Kohsuke Kawaguchi 提交于
Add nosniff header liberally to every request we serve.
-
由 Kohsuke Kawaguchi 提交于
-
- 28 2月, 2015 7 次提交
-
-
由 Kohsuke Kawaguchi 提交于
-
由 Kohsuke Kawaguchi 提交于
With the server-side download, the test needs to induce the update center metadata retrieval in a separate manner.
-
由 Jesse Glick 提交于
Conflicts: pom.xml
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-
由 Kohsuke Kawaguchi 提交于
[SECURITY-167] Plugin manager was also vulnerable to XXE attacks.
-
由 James Nord 提交于
Although the plugiun manager was vulnerable getting information out of Jenkins was harder - however it would still be possible to do bad things such as reading from /dev/zero on Linux
-
- 08 2月, 2015 2 次提交
-
-
由 Jesse Glick 提交于
Conflicts: test/src/test/java/hudson/tasks/ArtifactArchiverTest.java
-
由 Jesse Glick 提交于
[SECURITY-162] Forbid symlink attacks from artifact archiving
-
- 07 2月, 2015 3 次提交
-
-
由 Jesse Glick 提交于
Conflicts: core/src/main/java/hudson/model/Api.java
-
由 Robert Sandell 提交于
[SECURITY-165] blacklist the document xpath function for use in Api
-
由 Jesse Glick 提交于
-
- 06 2月, 2015 6 次提交
-
-
由 Robert Sandell 提交于
-
由 Robert Sandell 提交于
Review comments fixed: Added license header Reformat the issue comment Restricted NoExternalUse toLowerCase in English locale lesser resolution of declared exception from the test
-
由 Jesse Glick 提交于
Conflicts: test/src/test/java/hudson/tasks/BuildTriggerTest.java
-
由 Jesse Glick 提交于
@RandomlyFails
-
由 Jesse Glick 提交于
-
由 Jesse Glick 提交于
-