search

mozilla / mozmill-ci

[OBSOLETE] Mozmill CI system driven by Mozilla Pulse and Jenkins
https://wiki.mozilla.org/QA/Automation/Projects/Mozmill_Automation/Mozmill_CI
20 stars 18 forks source link

Disable Jenkins CLI for SECURITY-218 #824

Closed whimboo closed 8 years ago

whimboo commented 8 years ago

As long as we cannot upgrade our Jenkins instance to at least version 1.625.x (issue #573) we have to disable Jenkins CLI by running a Groovy script during startup. How this can be done is listed here:

https://jenkins.io/blog/2015/11/06/mitigating-unauthenticated-remote-code-execution-0-day-in-jenkins-cli/

whimboo commented 8 years ago

PR #825 got merged.