fixed SECURITY-1044

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

fixed SECURITY-1044

FAN DEAR
hi admin,

First of all, I sincerely apologize.

I just fixed this issue. The latest version 1.32 has now been submitted.

I hope it meets users well.

Please cancel this warning!

jenkins-upload-pgyer-plugin.png



--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/a54c3f8e-b7a1-4f82-8e28-a8842709b110%40googlegroups.com.
Reply | Threaded
Open this post in threaded view
|

Re: fixed SECURITY-1044

Oleg Nenashev
Hi,

We use configuration-as-code to manage update center warnings. In order to remove this warning for recent versions, you should submit a pull request to https://github.com/jenkins-infra/update-center2/blob/master/src/main/resources/warnings.json.
It might also make sense to amend the advisory https://jenkins.io/security/advisory/2019-04-03/ to indicate that the plugin is now fixed.

BR, Oleg

On Friday, August 30, 2019 at 11:22:32 PM UTC+2, FAN DEAR wrote:
hi admin,

First of all, I sincerely apologize.

I just fixed this <a href="https://issues.jenkins-ci.org/browse/SECURITY-1044?jql=text%20~%20%22pgyer%22" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fissues.jenkins-ci.org%2Fbrowse%2FSECURITY-1044%3Fjql%3Dtext%2520~%2520%2522pgyer%2522\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHg-5kUMlQPB7U7xnnQy1WFPyZzfw&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fissues.jenkins-ci.org%2Fbrowse%2FSECURITY-1044%3Fjql%3Dtext%2520~%2520%2522pgyer%2522\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHg-5kUMlQPB7U7xnnQy1WFPyZzfw&#39;;return true;">issue. The latest version 1.32 has now been submitted.

I hope it meets users well.

Please cancel this warning!

jenkins-upload-pgyer-plugin.png



--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/cf57d12c-1712-4cc8-b5b2-3ae2ba6ea44b%40googlegroups.com.
Reply | Threaded
Open this post in threaded view
|

Re: fixed SECURITY-1044

FAN DEAR
Thank you very much.
According to your suggestion, I have modified and submitted the code.
Please check it. If there are no problems, I will release version 1.33.

在 2019年9月2日星期一 UTC+8上午3:06:11,Oleg Nenashev写道:
Hi,

We use configuration-as-code to manage update center warnings. In order to remove this warning for recent versions, you should submit a pull request to <a href="https://github.com/jenkins-infra/update-center2/blob/master/src/main/resources/warnings.json" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkins-infra%2Fupdate-center2%2Fblob%2Fmaster%2Fsrc%2Fmain%2Fresources%2Fwarnings.json\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFYpFaFxscTSTl6Haq9u1Rw34lhFg&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fgithub.com%2Fjenkins-infra%2Fupdate-center2%2Fblob%2Fmaster%2Fsrc%2Fmain%2Fresources%2Fwarnings.json\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNFYpFaFxscTSTl6Haq9u1Rw34lhFg&#39;;return true;">https://github.com/jenkins-infra/update-center2/blob/master/src/main/resources/warnings.json.
It might also make sense to amend the advisory <a href="https://jenkins.io/security/advisory/2019-04-03/" target="_blank" rel="nofollow" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fjenkins.io%2Fsecurity%2Fadvisory%2F2019-04-03%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGr0vi0NqZa3c8o15v-ZAbRTzNtiQ&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fjenkins.io%2Fsecurity%2Fadvisory%2F2019-04-03%2F\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNGr0vi0NqZa3c8o15v-ZAbRTzNtiQ&#39;;return true;">https://jenkins.io/security/advisory/2019-04-03/ to indicate that the plugin is now fixed.

BR, Oleg

On Friday, August 30, 2019 at 11:22:32 PM UTC+2, FAN DEAR wrote:
hi admin,

First of all, I sincerely apologize.

I just fixed this <a href="https://issues.jenkins-ci.org/browse/SECURITY-1044?jql=text%20~%20%22pgyer%22" rel="nofollow" target="_blank" onmousedown="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fissues.jenkins-ci.org%2Fbrowse%2FSECURITY-1044%3Fjql%3Dtext%2520~%2520%2522pgyer%2522\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHg-5kUMlQPB7U7xnnQy1WFPyZzfw&#39;;return true;" onclick="this.href=&#39;https://www.google.com/url?q\x3dhttps%3A%2F%2Fissues.jenkins-ci.org%2Fbrowse%2FSECURITY-1044%3Fjql%3Dtext%2520~%2520%2522pgyer%2522\x26sa\x3dD\x26sntz\x3d1\x26usg\x3dAFQjCNHg-5kUMlQPB7U7xnnQy1WFPyZzfw&#39;;return true;">issue. The latest version 1.32 has now been submitted.

I hope it meets users well.

Please cancel this warning!

jenkins-upload-pgyer-plugin.png



--
You received this message because you are subscribed to the Google Groups "Jenkins Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/efef6248-abdc-4d44-9458-d1648b8620e9%40googlegroups.com.