Matcher.find() and Matcher.group(String) are no longer whitelisted

This issue is archived. You can view it, but you can't modify it. Learn more

XMLWordPrintable

    • script-security 1.72

      Originally reported by wolniewicz inĀ JENKINS-61575, but that issue appears to be broken so I cloned it here.

      We have upgraded the plugin from 1.66 -> 1.68
      Since version 1.68 method java.util.regex.Matcher find is not longer whitelisted:

      https://github.com/jenkinsci/script-security-plugin/commit/d5e107b1bd780314bc13ebed401ab3b8a22ec9a4#diff-bd6a93804fc62863a4d7460e35733302

      Was this made on purpose or all mentioned methods were removed by accident?

      method java.util.regex.Matcher find
method java.util.regex.Matcher group java.lang.String

      Ā 

      We had to manually approve mentioned methods on our production servers.

      Could you please add mentioned methods to default approve list?

            Assignee:
            Devin Nusbaum
            Reporter:
            Devin Nusbaum
            Archiver:
            Jenkins Service Account

              Created:
              Updated:
              Resolved:
              Archived: