Branch: refs/heads/master
Home: https://github.com/jenkinsci/tap-plugin
Commit: 055e39fbd5a10837a7d4fee56784eff84ad16d9e
https://github.com/jenkinsci/tap-plugin/commit/055e39fbd5a10837a7d4fee56784eff84ad16d9e
Author: Bruno P. Kinoshita
Date: 2024-01-18 (Thu, 18 Jan 2024)
Changed paths:
A src/test/java/org/tap4j/plugin/jenkins_cert_3190/TestXssTapFile.java
Log Message:
---
[SECURITY-3190] Add test to reproduce the issue
Commit: 1d61d11f1383c7b900cc6c2d33ee958fb7fe0568
https://github.com/jenkinsci/tap-plugin/commit/1d61d11f1383c7b900cc6c2d33ee958fb7fe0568
Author: Bruno P. Kinoshita
Date: 2024-01-18 (Thu, 18 Jan 2024)
Changed paths:
M src/main/java/org/tap4j/plugin/util/DiagnosticUtil.java
M src/test/java/org/tap4j/plugin/jenkins_cert_3190/TestXssTapFile.java
Log Message:
---
[SECURITY-3190] Add more cases where the security error might happen in the
text, and write the fix suggested in the issue (thanks Andrea Chiera)
Commit: e3e3c124252b07280d19d641207e794b232b6956
https://github.com/jenkinsci/tap-plugin/commit/e3e3c124252b07280d19d641207e794b232b6956
Author: Bruno P. Kinoshita
Date: 2024-01-22 (Mon, 22 Jan 2024)
Changed paths:
M src/main/java/org/tap4j/plugin/util/DiagnosticUtil.java
Log Message:
---
[SECURITY-3190] Use Jenkins method to escape HTML attributes (thanks
@yaroslavafenkin !)
Commit: 357c850b8dc7b306152d0afea54d22b0eb370bf4
https://github.com/jenkinsci/tap-plugin/commit/357c850b8dc7b306152d0afea54d22b0eb370bf4
Author: Bruno P. Kinoshita
Date: 2024-04-06 (Sat, 06 Apr 2024)
Changed paths:
M src/main/java/org/tap4j/plugin/util/DiagnosticUtil.java
A src/test/java/org/tap4j/plugin/jenkins_cert_3190/TestXssTapFile.java
Log Message:
---
Merge pull request #37 from jenkinsci/SECURITY-3190
[SECURITY-3190] Fix XSS security bug (already published)
Compare:
https://github.com/jenkinsci/tap-plugin/compare/adf25162febe...357c850b8dc7
To unsubscribe from these emails, change your notification settings at
https://github.com/jenkinsci/tap-plugin/settings/notifications
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/tap-plugin/push/refs/heads/master/adf251-357c85%40github.com.