The following commit has been merged in the master branch:
commit 36ef2e219c7ba796e0685b983d6d5b5a7c81a607
Author: James Page <james.p...@ubuntu.com>
Date:   Tue Mar 20 13:06:18 2012 +0000

    New upstream release, fixing XSS security vulnerability (Closes: #664057):
    
    * New upstream release, fixing XSS security vulnerability (Closes: #664057):
      - d/control: Add new dependency on libowasp-java-html-sanitizer-java.
      - d/maven.rules: Add new rule to use artifacts
        from libowasp-java-html-sanitizer-java.

diff --git a/debian/changelog b/debian/changelog
index c280d45..7473572 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,13 @@
-jenkins (1.424.3+dfsg-2) UNRELEASED; urgency=low
+jenkins (1.424.6+dfsg-1) UNRELEASED; urgency=low
 
+  * New upstream release, fixing XSS security vulnerability (Closes: #664057):
+    - d/control: Add new dependency on libowasp-java-html-sanitizer-java.
+    - d/maven.rules: Add new rule to use artifacts 
+      from libowasp-java-html-sanitizer-java.
   * Switch upstart configuration to use start-stop-daemon to allow
     desktop systems to shutdown.
 
- -- James Page <james.p...@ubuntu.com>  Mon, 12 Mar 2012 11:42:43 +0000
+ -- James Page <james.p...@ubuntu.com>  Tue, 20 Mar 2012 13:05:03 +0000
 
 jenkins (1.424.3+dfsg-1) unstable; urgency=low
 
diff --git a/debian/control b/debian/control
index 3b0ab6e..809372f 100644
--- a/debian/control
+++ b/debian/control
@@ -78,6 +78,7 @@ Build-Depends-Indep:
  libmaven-war-plugin-java,
  libmaven2-core-java,
  libmetainf-services-java,
+ libowasp-java-html-sanitizer-java,
  libpam4j-java,
  librobust-http-client-java,
  libservlet2.5-java,
diff --git a/debian/maven.rules b/debian/maven.rules
index 7b353d9..8bedea8 100644
--- a/debian/maven.rules
+++ b/debian/maven.rules
@@ -22,7 +22,7 @@ commons-httpclient commons-httpclient jar s/3\..*/3.x/ * *
 junit junit jar s/3\..*/3.x/ * *
 junit junit jar s/4\..*/4.x/ * *
 # Map onto exact version during build process
-org.jenkins-ci.main * * s/1\..*/1.424.3/ * *
+org.jenkins-ci.main * * s/1\..*/1.424.6/ * *
 # Handle plugin package
 org.kohsuke access-modifier-annotation jar s/.*/1.0/ * *
 org.kohsuke access-modifier-checker *  s/.*/1.0/ * *
@@ -60,3 +60,5 @@ org.jruby.ext.posix s/jna-posix/jnr-posix/ * s/.*/debian/ * *
 s/org.jvnet/org.codehaus.mojo/ 
s/animal-sniffer-annotation/animal-sniffer-annotations/ jar s/.*/debian/ * *
 # Update to servlet2.5
 javax.servlet servlet-api * s/.*/2.5/ * *
+# Updates for 1.424.6
+s/org.kohsuke/owasp-java-html-sanitizer/ 
s/owasp-html-sanitizer/owasp-java-html-sanitizer/ * s/.*/debian/ * *

-- 
jenkins packaging

_______________________________________________
pkg-java-commits mailing list
pkg-java-comm...@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-commits

Reply via email to