Bug 446937 - Security: check various security flaws
Summary: Security: check various security flaws
Status: RESOLVED WONTFIX
Alias: None
Product: Hudson
Classification: Technology
Component: Core (show other bugs)
Version: 3.2.0   Edit
Hardware: PC All
: P3 normal (vote)
Target Milestone: ---   Edit
Assignee: Winston Prakash CLA
QA Contact: Geoff Waymark CLA
URL:
Whiteboard: candidate-3.4.0
Keywords: security
Depends on:
Blocks:
 
Reported: 2014-10-13 12:16 EDT by Markus Buchner CLA
Modified: 2019-05-14 14:06 EDT (History)
4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Buchner CLA 2014-10-13 12:16:34 EDT 
Check if some security bugs from this advisory paper also target hudson:

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
Comment 1 Bob Foster CLA 2015-03-04 21:31:37 EST 
Adding these to the list.

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27

I know we've fixed SECURITY-165 but the others need to be tracked.

The process should be to file separate bugs for each confirmed security bug.
Comment 2 Bob Foster CLA 2015-03-04 21:36:01 EST 
I meant to say, the process should be:

1. Make a list of all security bugs in the two advisories. Wiki page?

2. Either verify that they are fixed in Hudson or file separate bugs for each confirmed security bug, noting same in the list.

3. As each bug is fixed, update the list.

4. Rinse and repeat. :)
Comment 3 Wayne Beaton CLA 2019-05-14 14:06:09 EDT 
The Eclipse Hudson project has been terminated and archived.