Loading...

This issue is archived. You can view it, but you can't modify it. Learn more

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Blocker
Component/s: release-plugin
Labels:
- issue-exported-to-github
- security-170
Environment:
1.651.2+ and Jenkins 2.3+

Injecting arbitrary parameters is now forbidden, so the plugin should declare them to the jobs.
See https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11

Major impacts:

Undeclared vars are not present anymore

Release Plugin was listed on the page: https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170 and no issue was yet created for this.

is related to

JENKINS-35257 Release plugin ignores release parameters in Jenkins 2.7

Resolved

links to

Assignee:: Antonio Muñiz
Reporter:: Justin Fiore

Created:: 2016-05-20 17:59
Updated:: 2025-12-23 22:49
Resolved:: 2016-09-29 07:46
Archived:: 2025-12-23 22:49