Ubuntu (at least as of 12.04) has the default umask 022, which made some
users nervous. Quoting its /etc/login.defs below, which explains its
historical origin:

  UMASK is the default umask value for pam_umask and is used by
  useradd and newusers to set the mode of the new home directories.
  022 is the "historical" value in Debian for UMASK
  027, or even 077, could be considered better for privacy
  There is no One True Answer here : each sysadmin must make up his/her
  mind.

It does seem to me that a bit more restrictive default is sensible,
so this change introduces /etc/default/jenkins parameter that sets the
default umask to 027 to prevent "others" from seeing files.

Not that keys and other sensitive files are protected anyway, so it is
not the case that the privacy of Jenkins data files have been vulnerable
prior to this change.

[FIXED JENKINS-23522] Defend against stack overflows when a listener (unnecessarily) called super from a deprecated method.
Fixes #1295 a little differently.

If we are running on a case-insensitive FS, the test makes no sense because migration would never even be attempted to begin with.

For some reason IE10 craches when document.getElementsByName is called and there is an element with a name attribute but no value. In this case a button had a name attribute set with an empty string as the value.

[FIXED JENKINS-24014] Make reverse proxy check tolerate ?auto_refresh

[FIXED JENKINS-20307] Consider OneOffExecutors in Run.getExecutor()

Properly documenting the AccessDeniedException as thrown by ItemGroup.read (and methods that call it).
Also making DISCOVER permission be implied by READ, which is natural since it is only checked if READ is denied.

Conflicts:
	changelog.html

[FIXED JENKINS-23963] Use absolute sidepanel links for computers

[JENKINS-24244] If we are skipping polling due to quietingDown, at least record this fact in the system log.

Trying to make testRemoteKill less prone to random failure (presumably on a heavily loaded machine).

Missed this in previous commit - bad idea making even small changes late at night ;)

(cherry picked from commit 3daa6a97)

(cherry picked from commit 286337ea)

Adapted from #1375 by @daniel-beck: omitting change to User construction, and adding test.
(cherry picked from commit 088edabb)

Conflicts:
	changelog.html

Adapted from #1375 by @daniel-beck: omitting change to User construction, and adding test.

Missed this in previous commit - bad idea making even small changes late at night ;)

[FIXED JENKINS-24358] RunSaveableReference.get can acquire locks, so avoid calling it while holding a lock on ourselves.

Right now, checker is being attached to both onblur and onchange.  The result is when the user changes input, and that input loses focus, the checker is being fired twice.  This can cause issues on non-trivial field changes (such as validating a groovy script).  If there is no change, the checker is still called once due to the onblur.

The checker should only be called if the input is changed.

Added no-store to the Cache-Contorl header

Reference: http://stackoverflow.com/questions/866822/why-both-no-cache-and-no-store-should-be-used-in-http-response
Reference: http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9.2