Branch: refs/heads/master
Home: https://github.com/jenkinsci/yaml-axis-plugin
Commit: a299e138ee8a2d462d11a475f00eff0ac34d35ec
https://github.com/jenkinsci/yaml-axis-plugin/commit/a299e138ee8a2d462d11a475f00eff0ac34d35ec
Author: sue445 <sue...@sue445.net>
Date: 2020-04-06 (Mon, 06 Apr 2020)
Changed paths:
M build.gradle
Log Message:
-----------
Upgrade snakeyaml to 1.26
for preventing billion laughs attack
Commit: 356a7baf3fa343f3bb999ea03c11bdd40b02088d
https://github.com/jenkinsci/yaml-axis-plugin/commit/356a7baf3fa343f3bb999ea03c11bdd40b02088d
Author: sue445 <sue...@sue445.net>
Date: 2020-04-06 (Mon, 06 Apr 2020)
Changed paths:
M src/main/groovy/org/jenkinsci/plugins/yamlaxis/YamlFileLoader.groovy
M src/main/groovy/org/jenkinsci/plugins/yamlaxis/YamlTextLoader.groovy
Log Message:
-----------
Pass SafeConstructor
for preventing remote code execution vulnerability
https://bitbucket.org/asomov/snakeyaml/wiki/Documentation
Commit: 346802860c68a5a9bb4996c81fed4e05bee594f4
https://github.com/jenkinsci/yaml-axis-plugin/commit/346802860c68a5a9bb4996c81fed4e05bee594f4
Author: GO Sueyoshi <sue...@users.noreply.github.com>
Date: 2020-04-07 (Tue, 07 Apr 2020)
Changed paths:
M build.gradle
M src/main/groovy/org/jenkinsci/plugins/yamlaxis/YamlFileLoader.groovy
M src/main/groovy/org/jenkinsci/plugins/yamlaxis/YamlTextLoader.groovy
Log Message:
-----------
Merge pull request #17 from jenkinsci/SECURITY-1825
Resolved remote code execution vulnerability
Compare:
https://github.com/jenkinsci/yaml-axis-plugin/compare/2e1f0b2b3aaf...346802860c68
--
You received this message because you are subscribed to the Google Groups
"Jenkins Commits" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to jenkinsci-commits+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/jenkinsci-commits/jenkinsci/yaml-axis-plugin/push/refs/heads/master/2e1f0b-346802%40github.com.
