Package: release.debian.org Severity: normal User: [email protected] Usertags: rm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Jenkins 1.447.2 suffers from the critical security vulnerability identified in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697617. The delta in the codebase between 1.447.2 and 1.480.2 makes backporting the extensive fix to resolve this specific vulnerability extremely hard; as a result I'm proposing to provide Jenkins via wheezy-backports and keep tracking the upstream LTS releases. I think this is the only plan which is realistically sustainable. Please remove Jenkins from testing. - -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.8.0-8-generic (SMP w/8 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJRMkEFAAoJEL/srsug59jDNp4P/0p1Ko1pvRkzZT3DlBXhvmIm h/ygc43PIkxj+dvCH0EFfvASvLsU+zQucFapVm2+e5vC8iD/juB2Gi6QAbWIBpue +beDthDrztnFgdLmWQ707gCurXB3GZ9PyTe9VWOqTU6YWpAjR4iFKsPv2mAVAFHt qAEDZeNZCwl60dGBsulO3O0S1Hvu/w7awglF+YIiPJOYWdpMiDTGMzOVtXMvIS0r /ccZ2N3+BoxMgURTGNmCrB4Xr7QK7boQFol/x2PJYLh3Qbm3sVsESlhLRQeVquEC D01qzkwwiN9J2HwN2leog7RosnLIrt9Xa3VJNdwYCJAmn3sYkw37N3HSa2937BVz oFwQHiOGbNFTF8IOeRrtMmAYb3kypWpq1ZoGOHJ607yFm3tikiDxl3gTuC/0cx2d ElZwHc7ew/5LndMTMDYW1gdblXUzW17Jv6aUtnt02Mkkt6vbiz1PuIRU+lohqeE6 UViX99jApROJyRn9XMnY83I6c6KylwyPnfVJapCMblC+WBaEG5PCFZb/8yljePkE ka2yhopq24ARfwJaAaMTOo0JXevb1uOHW9GsWoQMg/NH6PArwnyI97YeUwUwIX8/ 2C1f+Y8raTJ8yxXPFgv/YDshuu/l4k9LRe52er3k5N1BXAAXr2vG0+vd1tlmgPuM KBioatauHP8hq5k+zO8Y =tOZg -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
