Bug#696816: jenkins: Security issues were found in Jenkins core
Steven McDonald
steven at steven-mcdonald.id.au
Fri Jan 25 15:18:55 UTC 2013
Hi there,
The issue was raised on debian-devel[0] that this bug still affects
unstable and is causing jenkins to be a candidate for removal from
wheezy. I have backported the fixes for these issues from upstream git;
they are attached to this e-mail as separate quilt patches for the sake
of cleanliness.
I have also uploaded a source NMU package[1] to mentors.debian.net,
which I intend to seek sponsorship for if I don't get a reply to this
bug report within 72 hours (as the deadline given by the Release Team
for removal from testing is 31st January).
Please let me know if you need anything further from me.
Thanks,
Steven.
[0] Thread "Candidates for removal from testing (2013-01-24)", which
doesn't seem to be in the web archives yet.
[1] http://mentors.debian.net/package/jenkins
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CVE-2012-6073.patch
Type: text/x-patch
Size: 3259 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20130126/34e63e99/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CVE-2012-6074.patch
Type: text/x-patch
Size: 666 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20130126/34e63e99/attachment-0001.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20130126/34e63e99/attachment.pgp>
More information about the pkg-java-maintainers
mailing list