Bug#697617: jenkins: remote code execution vulnerability
James Page
james.page at ubuntu.com
Thu Jan 10 10:20:42 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 09/01/13 00:54, Miguel Landaeta wrote:
> Hi,
>
> I'm working in backporting a fix for this issue to this version of
> Jenkins. It doesn't too hard to do it but I had not tested
> properly the patch I got.
>
> If everything goes well I'll attach a debdiff to this bug report
> very soon.
Thanks Miguel; I'm also about to upload the latest version of Jenkins
to experimental which includes a fix for this issue and
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696816 (which
requires a new version of jenkins-winstone as well).
We might want to consider whether updating unstable/testing to 1.480.2
is actually the best way forward at this point in time.
- --
James Page
Ubuntu Core Developer
Debian Maintainer
james.page at ubuntu.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIcBAEBCAAGBQJQ7pX6AAoJEL/srsug59jDM9sP/3E07QJTYx8B+gltG2+Wc6Qh
Lyn/qXV1GPrUs2pKwzyhUa6gOBdQ6CR+PsVa529aSw4j8sIrcLl5qGLexJE6xuC6
u2Fwl5SgFi7WZriS1pK8NEHVyVncjU39gVLCrIrS0U06V6PSDZ+9wfnWDQE/Jzuo
WUgOh09YEhxJYdqWt+OsrvMirtCY1w5CzofS+TQ414GHj7mVZAVgRgZwxf3N+Vaz
u2avaaqC1cQcb2ZTPfsN/bDlFRNFREJTpHtLhfCmhhAwsveL9LkOCX/NcJOQm/LP
PF1WWrPzrDyLzqdNhp6awnndOFOvkq27Pkb0V4G8wom1chgPONEKSrzYFmzphKo9
zPOxiVkK8FOu4hb4J+KNS57KN/t3v/mUad7aoXMVlMUtMv2dbCIGhW2Nf89YbaWC
YSbcdTVk0EM/0ar2P3gvcAZGlppMKjbbAYvAWWN/3BPdfYyRwVsw1Hq72tPvrr6a
7hBZ6uKzool8RZAf9qSfSWC/a17NELKXnrbtb8bglHGwOgltkQHoRWC2fyL4t+w+
QH1HdLeP/Yc/GCZK1jwtOVRW5XxIXqyzcD+/YncIUVNqtIFLmBZbLEw56JspxxKl
Nix1M9OYKIDa1rBKjYER5ICZXdrv1hUerqLgGe4/+E8x/WT2XB6m1bTkt6YOsn5Y
jiqHFGUNyH80R1k5EBKF
=biqm
-----END PGP SIGNATURE-----
More information about the pkg-java-maintainers
mailing list