Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Critical
Component/s: core, promoted-builds-plugin
Labels:
- security-170
Environment:

Hide
* Operating system: CentOS 7.2.1511 with latest updates applied using "yum update" as of 2016-05-13.
* Java runtime version: 1.7.0_101-mockbuild_2016_04_21_13_43-b00
* Jenkins version: 1.651.2
* Promoted Builds Plugin version: 2.26

Show
* Operating system: CentOS 7.2.1511 with latest updates applied using "yum update" as of 2016-05-13. * Java runtime version: 1.7.0_101-mockbuild_2016_04_21_13_43-b00 * Jenkins version: 1.651.2 * Promoted Builds Plugin version: 2.26

Similar Issues:

Show

The security issue related to arbitrary build parameters (described in the link https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11) was addressed by Jenkins 1.651.2. Unfortunately, this security fix caused freestyle jobs containing build parameters to break if they include promoted builds that attempt to access the build parameters defined at the job level.

Downgrading to Jenkins 1.651.1 allowed the affected jobs to function again.

links to

CloudBees Internal OSS-955

Assignee:: Oleg Nenashev

Reporter:: Hidden Maverick

Votes:: 2 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2016-05-13 23:02

Updated:: 2017-12-05 05:52

Resolved:: 2016-05-25 11:17

Details

Description

Attachments

Issue Links

Activity

People

Dates