From 93089c53be6ca660308285a4c6538e998903f840 Mon Sep 17 00:00:00 2001
From: Jan Meiswinkel
Date: Tue, 10 Oct 2023 10:22:19 +0200
Subject: [PATCH 1/2] add ParserConfiguration#setParsers to blacklist
---
 .../plugins/scriptsecurity/sandbox/whitelists/blacklist | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist b/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist
index e68b88574..dfb79e97f 100644
--- a/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist
+++ b/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist
@@ -114,3 +114,6 @@ method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild
 # SECURITY-1754
 new org.kohsuke.groovy.sandbox.impl.Checker$SuperConstructorWrapper java.lang.Object[]
 new org.kohsuke.groovy.sandbox.impl.Checker$ThisConstructorWrapper java.lang.Object[]
+
+# Ability to define global parsers that include scripts without further approval
+method io.jenkins.plugins.analysis.warnings.groovy.ParserConfiguration setParsers java.util.List
From 318aa8b0057ba04ca06270c94fd1eec14900d115 Mon Sep 17 00:00:00 2001
From: Jan Meiswinkel
Date: Wed, 11 Oct 2023 13:47:08 +0200
Subject: [PATCH 2/2] Update blacklist
---
 .../plugins/scriptsecurity/sandbox/whitelists/blacklist | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist b/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist
index dfb79e97f..2e4aae906 100644
--- a/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist
+++ b/src/main/resources/org/jenkinsci/plugins/scriptsecurity/sandbox/whitelists/blacklist
@@ -19,6 +19,9 @@ staticMethod hudson.model.User get java.lang.String boolean
 staticMethod hudson.model.User get java.lang.String boolean java.util.Map
 staticMethod hudson.model.User getAll
+# Ability to define global parsers that include scripts without further approval
+method io.jenkins.plugins.analysis.warnings.groovy.ParserConfiguration setParsers java.util.List
+
 # Raw file operations could be used to compromise the Jenkins controller.
 staticMethod java.io.File createTempFile java.lang.String java.lang.String
 staticMethod java.io.File createTempFile java.lang.String java.lang.String java.io.File
@@ -114,6 +117,3 @@ method org.jenkinsci.plugins.workflow.support.steps.build.RunWrapper getRawBuild
 # SECURITY-1754
 new org.kohsuke.groovy.sandbox.impl.Checker$SuperConstructorWrapper java.lang.Object[]
 new org.kohsuke.groovy.sandbox.impl.Checker$ThisConstructorWrapper java.lang.Object[]
-
-# Ability to define global parsers that include scripts without further approval
-method io.jenkins.plugins.analysis.warnings.groovy.ParserConfiguration setParsers java.util.List
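Review bot: The added entry in the first hunk denies only the exact signature `method io.jenkins.plugins.analysis.warnings.groovy.ParserConfiguration setParsers java.util.List`; since blacklist lines match by full signature, an overload with different parameter types or any other public method on that class that replaces or extends the configured parser list would remain reachable from the sandbox, so it is worth checking the plugin's API before treating this as closed (I cannot see that class here, so this is a hedge). The comment above the entry names the capability but not the consequence, whereas neighbouring sections state the risk (`# Raw file operations could be used to compromise the Jenkins controller.`); `# Lets a sandboxed script define global parsers whose scripts would run without further script approval.` would match that style. Other sections also cite their advisory (`# SECURITY-1754`); if one exists for this entry, add `# SECURITY-<id>` above it. The first patch in this series introduced the same entry at the end of the file and this patch only relocates it, so the same points apply to those lines.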