|
||||||||
|
This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira |
||||||||
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Jesse Glick: No, this is about variables recognized by Env-Inject as passwords. They're only shown in encrypted form on the Injected Env Vars page, but that can be reused in another job in the same instance the malicious user has config access to: Just run env there and you "decrypted" the password.