Public bug reported:
Starting with Jenkins version 2.176.2 CSRF tokens will now also check
the web session ID to confirm they were created in the same session.
This fix impacts python-jenkins because it obtains a crumb from the
crumb issuer API. python-jenkins needs to be updated to retain the
session ID for subsequent requests. For further information, see
https://jenkins.io/doc/upgrade-guide/2.176/#SECURITY-626
** Affects: python-jenkins
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Python
Jenkins Developers, which is subscribed to Python Jenkins.
https://bugs.launchpad.net/bugs/1837415
Title:
Retain session id for subsequent requests
Status in Python Jenkins:
New
Bug description:
Starting with Jenkins version 2.176.2 CSRF tokens will now also check
the web session ID to confirm they were created in the same session.
This fix impacts python-jenkins because it obtains a crumb from the
crumb issuer API. python-jenkins needs to be updated to retain the
session ID for subsequent requests. For further information, see
https://jenkins.io/doc/upgrade-guide/2.176/#SECURITY-626
To manage notifications about this bug go to:
https://bugs.launchpad.net/python-jenkins/+bug/1837415/+subscriptions
--
Mailing list: https://launchpad.net/~python-jenkins-developers
Post to : [email protected]
Unsubscribe : https://launchpad.net/~python-jenkins-developers
More help : https://help.launchpad.net/ListHelp
