Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-42950

credentials-binding-plugin not masking secret text when it includes a single quote

    XMLWordPrintable

Details

    Description

      I have a Jenkins job to deploy an ansible playbook and I have used the credentials-binding-plugin secret text entries for entering my different environment ansible vault passwords. 2 of my encrypted passwords work fine but one of them has a single quote in the text and it seems to be causing problems with the masking and so that password is showing up in the logs. I tried escaping in the actual text itself but that did not work either.

      I would just change passwords but they are company passwords and not mine to change so please let me know if something can be done to fix the parsing or if there is an immediate workaround for this.

       

      Thanks,

       

      Jeff Mclean

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. JENKINS-60962 credential plugin security issue

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed
          links to

          Web Link #59

          Web Link PR 55

          Activity

            People

              Unassigned Unassigned
              jamclean Jeff Mclean
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: