运维利器 RunDeck 3.0.13 发布, 服务器自动化操作，

运维利器 RunDeck 3.0.13 发布, 服务器自动化操作，

运维利器 RunDeck v3.0.13 已发布。RunDeck 是用 Java/Grails 写的开源工具，帮助用户在数据中心或者云环境中自动化各种操作和流程。通过命令行或者 Web 界面，用户可以对任意数量的服务器进行操作，大大降低了对服务器自动化的门槛。

更新内容如下：

• potential stored XSS vulnerability (https://github.com/rundeck/rundeck/pull/4406)

• add Content-Security-Policy and other security HTTP headers to responses (see more info https://github.com/rundeck/rundeck/pull/4405)

• new version of winrm plugin 1.0.10

• Fix Plugin list api by referencing correct plugin list information service

• Add CSP header control variables to Docker image

• Fix #4406: stored xss vulnerability

• Security: stored XSS vulnerability

• Add common web-app security headers

• Add new flag to enable UI plugins on all pages

• Remove environment variable that hijacks jvm ssl settings

• UI plugin install status fix

• Fix #4374. User and role set by AJP were not being properly set.

• Fixes #4376. Partial templates are now expanded and added to base property file.

• Update spring security plugin to last version.

• UUID validation on jobref

• email notification enhancement

• Fix #2975 multiple threads modify the map

• Fixes #115.

• User profile information can be sync'd from LDAP

• UUID validation and Autocomplete in Job Reference Workflow step

• Feature/multi repository support

• Execution Metrics API

• java.lang.ClassCastException: java.util.HashMap$Node cannot be cast to java.util.HashMap$TreeNode

• LDAP login with empty password