Branch: refs/heads/stable
Home: https://github.com/jenkinsci/jenkins
Commit: f72f0b9e258594ebc71fac8a0eed4a9f219290a0
https://github.com/jenkinsci/jenkins/commit/f72f0b9e258594ebc71fac8a0eed4a9f219290a0
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-05 (Sat, 05 Jan 2013)
Changed paths:
M test/src/test/java/hudson/maven/MavenOptsTest.java
Log Message:
-----------
fixed a flaky test
(cherry picked from commit 43ff1688eee6ea2f3f6438fd4812cd4a603ae13e)
Commit: 48ecccc1669f325acf72953923f9d9620b2590e3
https://github.com/jenkinsci/jenkins/commit/48ecccc1669f325acf72953923f9d9620b2590e3
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-05 (Sat, 05 Jan 2013)
Changed paths:
A core/src/main/java/jenkins/util/io/FileBoolean.java
M core/src/main/java/jenkins/util/xstream/XStreamDOM.java
M core/src/test/java/jenkins/util/xstream/XStreamDOMTest.java
A core/src/test/resources/jenkins/util/xstream/XStreamDOMTest.data2.xml
Log Message:
-----------
[SECURITY-49] dependency changes needed for the fix.
(On trunk these commits are done separately as
72c68a22af7ad21ebbeb6b0857502779aa7c7a71
45b8f82e466bac0d033b1a9e145ea1b3df4861cd
31d2e03d478c7e30f8a5b05d8f3bd07b868d9525
Commit: 7983ae3baea779df18862623d594744b8d285392
https://github.com/jenkinsci/jenkins/commit/7983ae3baea779df18862623d594744b8d285392
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-05 (Sat, 05 Jan 2013)
Changed paths:
M core/pom.xml
M core/src/main/java/hudson/DNSMultiCast.java
M core/src/main/java/hudson/UDPBroadcastThread.java
M core/src/main/java/hudson/console/AnnotatedLargeText.java
M core/src/main/java/hudson/model/Job.java
M core/src/main/java/hudson/model/Run.java
M core/src/main/java/hudson/model/UsageStatistics.java
M core/src/main/java/hudson/security/RememberMeServicesProxy.java
M core/src/main/java/hudson/security/SecurityRealm.java
M core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java
M core/src/main/java/hudson/security/csrf/DefaultCrumbIssuer.java
M core/src/main/java/hudson/slaves/SlaveComputer.java
M core/src/main/java/hudson/util/Secret.java
M core/src/main/java/jenkins/model/Jenkins.java
M core/src/main/java/jenkins/security/ApiTokenProperty.java
A core/src/main/java/jenkins/security/ConfidentialKey.java
A core/src/main/java/jenkins/security/ConfidentialStore.java
A core/src/main/java/jenkins/security/CryptoConfidentialKey.java
A core/src/main/java/jenkins/security/DefaultConfidentialStore.java
A core/src/main/java/jenkins/security/HMACConfidentialKey.java
A core/src/main/java/jenkins/security/HexStringConfidentialKey.java
M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol.java
M core/src/main/java/jenkins/slaves/JnlpSlaveAgentProtocol2.java
M core/src/main/resources/hudson/slaves/SlaveComputer/slave-agent.jnlp.jelly
A core/src/test/java/hudson/util/SecretTest.groovy
R core/src/test/java/hudson/util/SecretTest.java
A core/src/test/java/jenkins/security/ConfidentialStoreRule.java
A core/src/test/java/jenkins/security/CryptoConfidentialKeyTest.groovy
A core/src/test/java/jenkins/security/DefaultConfidentialStoreTest.groovy
A core/src/test/java/jenkins/security/HMACConfidentialKeyTest.groovy
A core/src/test/java/jenkins/security/HexStringConfidentialKeyTest.groovy
M pom.xml
M test/src/test/java/hudson/bugs/JnlpAccessWithSecuredHudsonTest.java
Log Message:
-----------
[SECURITY-49] Deprecating Jenkins.getSecretKey()
We are replacing it by the ConfidentialStore class and the
ConfidentialKey class, which provide purpose-specific confidential
information that is separated from each other.
In this way, not all eggs are in one basket, and in case of a
compromise, the impact will be contained.
Also replaced several insecure uses of digest(secret|message) or
digest(message|secret) by HMAC.
(cherry picked from commit a9aff088f327278a8873aef47fa8f80d3c5932fd)
Conflicts:
core/src/main/java/hudson/DNSMultiCast.java
core/src/main/java/hudson/model/Job.java
core/src/main/java/hudson/model/UsageStatistics.java
Commit: 9fb6c2ca0c73b43cc2e6d08c09707ee67005e526
https://github.com/jenkinsci/jenkins/commit/9fb6c2ca0c73b43cc2e6d08c09707ee67005e526
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-05 (Sat, 05 Jan 2013)
Changed paths:
M core/src/main/java/hudson/util/Secret.java
A core/src/main/java/hudson/util/SecretRewriter.java
A core/src/main/java/jenkins/security/RekeySecretAdminMonitor.java
A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/log.groovy
A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.groovy
A core/src/main/resources/jenkins/security/RekeySecretAdminMonitor/message.properties
A core/src/test/java/hudson/util/MockSecretRule.java
A core/src/test/java/hudson/util/SecretRewriterTest.groovy
M core/src/test/java/hudson/util/SecretTest.groovy
A test/src/main/java/hudson/util/SecretHelper.java
A test/src/test/java/jenkins/security/RekeySecretAdminMonitorTest.java
Log Message:
-----------
[SECURITY-49] added a tool to re-key secrets
As an AdministrativeMonitor, it shows up in the manage Jenkins UI, and
allows the administrator to run a re-keying operation.
(cherry picked from commit 4895eaafca468b7f0f1a3166b2fca7414f0d5da5)
Commit: 56e4b6e287046e4ad2a02f8bd70225a86e74bd34
https://github.com/jenkinsci/jenkins/commit/56e4b6e287046e4ad2a02f8bd70225a86e74bd34
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-05 (Sat, 05 Jan 2013)
Changed paths:
M core/src/main/java/jenkins/security/ConfidentialStore.java
M core/src/main/java/jenkins/security/DefaultConfidentialStore.java
Log Message:
-----------
[SECURITY-49] Backing off from @Extension-based discovery.
This is because we discovered some plugins that use Secret early on in
the initialization.
(cherry picked from commit c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2)
Commit: e401c7cfe7b28b6ff9d0893e89c2568596b96915
https://github.com/jenkinsci/jenkins/commit/e401c7cfe7b28b6ff9d0893e89c2568596b96915
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-05 (Sat, 05 Jan 2013)
Changed paths:
M core/src/main/java/jenkins/model/Jenkins.java
M core/src/main/java/jenkins/security/RekeySecretAdminMonitor.java
Log Message:
-----------
[SECURITY-49] mark secret.key generated by post SECURITY-49 Jenkins.
If JENKINS_HOME is created by a post SECURITY-49 Jenkins (LTS, and other
variants), then there's no need to alarm the user.
(cherry picked from commit 3dc13b957b14cec649036e8dd517f0f9cb21fb04)
Commit: a411b0c3b32eb314d5a26b64de1b3d5db2760443
https://github.com/jenkinsci/jenkins/commit/a411b0c3b32eb314d5a26b64de1b3d5db2760443
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-05 (Sat, 05 Jan 2013)
Changed paths:
M core/src/main/java/jenkins/security/ApiTokenProperty.java
M test/src/test/java/jenkins/security/ApiTokenPropertyTest.java
Log Message:
-----------
[SECURITY-49] actively invalidate bad API tokens.
If the user still has the API token that's generated from secret.key,
don't accept that.
Hopefully this is the last fix
(cherry picked from commit 94a8789b699132dd706021a6be1b78bc47f19602)
Commit: ffd8489dc1ffc739f90dcd88dacf7cb78f59dac2
https://github.com/jenkinsci/jenkins/commit/ffd8489dc1ffc739f90dcd88dacf7cb78f59dac2
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-06 (Sun, 06 Jan 2013)
Changed paths:
M cli/pom.xml
M core/pom.xml
M maven-plugin/pom.xml
M pom.xml
M test/pom.xml
M ui-samples-plugin/pom.xml
M war/pom.xml
Log Message:
-----------
[maven-release-plugin] prepare release jenkins-1.480.2
Commit: 673d60a9617273fe031b31aa09ed2d96098b7e6f
https://github.com/jenkinsci/jenkins/commit/673d60a9617273fe031b31aa09ed2d96098b7e6f
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-06 (Sun, 06 Jan 2013)
Changed paths:
M cli/pom.xml
M core/pom.xml
M maven-plugin/pom.xml
M pom.xml
M test/pom.xml
M ui-samples-plugin/pom.xml
M war/pom.xml
Log Message:
-----------
[maven-release-plugin] prepare for next development iteration
Commit: 8734bb733dc4386e0ec41dcdac4ff214d8c1b7c0
https://github.com/jenkinsci/jenkins/commit/8734bb733dc4386e0ec41dcdac4ff214d8c1b7c0
Author: Kohsuke Kawaguchi <[email protected]>
Date: 2013-01-06 (Sun, 06 Jan 2013)
Changed paths:
M debian/debian/changelog
Log Message:
-----------
updated changelog as a part of the release
Compare:
https://github.com/jenkinsci/jenkins/compare/a6b4bb3f4e4a...8734bb733dc4