advisory-database icon indicating copy to clipboard operation
advisory-database copied to clipboard
verified publisher icon github

[GHSA-r57f-7xw3-q2r9] Improper Authentication in Jenkins

Open sunSUNQ opened this issue 1 year ago • 2 comments

Updates

  • References

Comments Add some patch links related to CVE-2017-1000354.

sunSUNQ avatar Feb 26 '24 13:02 sunSUNQ

Hi @sunSUNQ, could you please explain how the new reference relates to the vulnerability?

JonathanLEvans avatar Mar 04 '24 21:03 JonathanLEvans

The patch in 02d24053bdfeb219d2387a19885a60bdab510479 import java.util.logging.Logger in ClientAuthenticationCache.java, and then add test on LoggerRule in ClientAuthenticationCacheTest.java. I believe that the addition of test classes during patch submission is crucial to ensure the viability of the added code in the patch. Therefore, I consider the modifications made to test classes as an integral part of the patch.

sunSUNQ avatar Mar 05 '24 01:03 sunSUNQ

👋 This pull request has been marked as stale because it has been open with no activity. You can: comment on the issue or remove the stale label to hold stale off for a while, add the Keep label to hold stale off permanently, or do nothing. If you do nothing this pull request will be closed eventually by the stale bot. Please see CONTRIBUTING.md for more policy details.

taladrane avatar Mar 21 '24 00:03 taladrane