Your message dated Thu, 10 Jan 2013 10:47:49 +0000 with message-id <e1ttffp-0006lr...@franck.debian.org> and subject line Bug#696816: fixed in jenkins 1.480.2+dfsg-1~exp1 has caused the Debian Bug report #696816, regarding jenkins: Security issues were found in Jenkins core to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 696816: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=696816 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: jenkins Version: 1.447.2+dfsg-2 Severity: grave Tags: security Dear Maintainer, The upstream vendor announced a security advisory, that is rated high severity. See: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20 Regards, Nobuhiro
--- End Message ---
--- Begin Message ---Source: jenkins Source-Version: 1.480.2+dfsg-1~exp1 We believe that the bug you reported is fixed in the latest version of jenkins, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 696...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. James Page <james.p...@ubuntu.com> (supplier of updated jenkins package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 10 Jan 2013 09:50:50 +0000 Source: jenkins Binary: libjenkins-java libjenkins-plugin-parent-java jenkins-common jenkins jenkins-slave jenkins-external-job-monitor jenkins-cli jenkins-tomcat Architecture: source all Version: 1.480.2+dfsg-1~exp1 Distribution: experimental Urgency: low Maintainer: Debian Java Maintainers <pkg-java-maintainers@lists.alioth.debian.org> Changed-By: James Page <james.p...@ubuntu.com> Description: jenkins - Continuous Integration and Job Scheduling Server jenkins-cli - Jenkins CI Command Line Interface jenkins-common - Jenkins common Java components and web application jenkins-external-job-monitor - Jenkins CI external job monitoring jenkins-slave - Jenkins slave node helper jenkins-tomcat - Jenkins CI on Tomcat 6 libjenkins-java - Jenkins CI core Java libraries libjenkins-plugin-parent-java - Jenkins Plugin Parent Maven POM Closes: 696816 697617 Changes: jenkins (1.480.2+dfsg-1~exp1) experimental; urgency=low . * New upstream release (Closes: #696816, #697617): - d/control: Added new BD on libjbcrypt-java. - d/control: Versioned BD jenkins-winstone >= 0.9.10-jenkins-40. - d/control: Versioned BD jenkins-trilead-ssh2 >= 214-jenkins-1. - Fixes the following security vulnerabilities: CVE-2012-6072, CVE-2012-6073, CVE-2012-6072, CVE-2013-0158. * Tidied lintian warnings. * Bumped Standards-Version: 3.9.4, no changes. Checksums-Sha1: 61b96c26379a93b0f8831241b2d8155ed2c1fca5 4523 jenkins_1.480.2+dfsg-1~exp1.dsc 142722450b04d9bca1411fbcd876badd7bfbd076 4563554 jenkins_1.480.2+dfsg.orig.tar.gz 75831e84f212e6a14d430fdf9db45e895ea918b3 46490 jenkins_1.480.2+dfsg-1~exp1.debian.tar.gz 6fdc27ccbead9992decef198142f0b9e50c2df8d 6886032 libjenkins-java_1.480.2+dfsg-1~exp1_all.deb 9026e4a6d8938034e98ca044fff1c3b8eea8b863 15768 libjenkins-plugin-parent-java_1.480.2+dfsg-1~exp1_all.deb 3c06021dd2a9b016ef4e848a757a9ca5a694a33f 33533788 jenkins-common_1.480.2+dfsg-1~exp1_all.deb b4e3fc9784ded3add022ce570fa2444510d114f3 19620 jenkins_1.480.2+dfsg-1~exp1_all.deb a3149f9dfcf6f41be9cbc3b5f0b5e0747f3a6006 18718 jenkins-slave_1.480.2+dfsg-1~exp1_all.deb 97d6982aefa9e2269ce665e58d95cd2481e8b0a6 6850002 jenkins-external-job-monitor_1.480.2+dfsg-1~exp1_all.deb f84b515753348ae792ab59cdb335b0c0cc0376d2 689022 jenkins-cli_1.480.2+dfsg-1~exp1_all.deb 05e1ff6f5f7d3ccd69a508e081512c8bc05332fb 15804 jenkins-tomcat_1.480.2+dfsg-1~exp1_all.deb Checksums-Sha256: 678a1b06b46dd9c4a3540bfc535ef61b9159dd644271157963feccb0f94e8f31 4523 jenkins_1.480.2+dfsg-1~exp1.dsc ac0554a00195cdb7de0b56500beef6c36ac02bb244ade7a79024f562ec4cf418 4563554 jenkins_1.480.2+dfsg.orig.tar.gz 60c07aec907caaa5bf29aca0f1dc423610f0e344a6a83d9b976d02544751c4ae 46490 jenkins_1.480.2+dfsg-1~exp1.debian.tar.gz 9051e9440e22d22bb93002bada18b6722d37e3a2e8692f54571162dd4c7f6c13 6886032 libjenkins-java_1.480.2+dfsg-1~exp1_all.deb b9459171af4aba12075eae552ba01938cb1a6eb33c1e3f3f6ff094a33b2e806c 15768 libjenkins-plugin-parent-java_1.480.2+dfsg-1~exp1_all.deb 4ca0ab861e62d77b40ef5519d23b220fc867d981f1bcc3621987d881139b1fdd 33533788 jenkins-common_1.480.2+dfsg-1~exp1_all.deb ac6c3be0ac3b13f722d0ec36b10ec35d811bad5f3b2fb5ad282d0999b63fa15f 19620 jenkins_1.480.2+dfsg-1~exp1_all.deb cf4edfc6ed40292bbcaa9275081e378c1cd236dc223b77323f3cbc7a395b3c86 18718 jenkins-slave_1.480.2+dfsg-1~exp1_all.deb c768cd1039673ffe7f19c47a710e2f8237a0d790efb382f4b02d3f57f33ab5e4 6850002 jenkins-external-job-monitor_1.480.2+dfsg-1~exp1_all.deb 9cb7e1f3345daaa2fb2a7cef44fc2761893084773b22b1f21895be07ff161f84 689022 jenkins-cli_1.480.2+dfsg-1~exp1_all.deb a8d401eb7e065c2ab4c37b9345eed9ac85c393e65627267caa356a479e12b9a8 15804 jenkins-tomcat_1.480.2+dfsg-1~exp1_all.deb Files: 87f3722989adb64e4945c6992ce4f60f 4523 java optional jenkins_1.480.2+dfsg-1~exp1.dsc 4c307bf3c7d1b4237e70ae65a895e5fd 4563554 java optional jenkins_1.480.2+dfsg.orig.tar.gz 4096f2c1c26755a84ea46a3f4764fd06 46490 java optional jenkins_1.480.2+dfsg-1~exp1.debian.tar.gz a7a838c6a61fd3cfacbe8fd7599b9d92 6886032 java optional libjenkins-java_1.480.2+dfsg-1~exp1_all.deb 7bbc5d9fbca6dc1af1629a66a29c5e0b 15768 java optional libjenkins-plugin-parent-java_1.480.2+dfsg-1~exp1_all.deb d9856658d4d1fd44e2bb75198feadc7b 33533788 java optional jenkins-common_1.480.2+dfsg-1~exp1_all.deb d6f4e47c82c611532df941a35e8e273b 19620 java optional jenkins_1.480.2+dfsg-1~exp1_all.deb 08e249b1a66212a731b0f850bb7a559b 18718 java optional jenkins-slave_1.480.2+dfsg-1~exp1_all.deb 98a38dad56321f9e2be7fc889ce18a7d 6850002 java optional jenkins-external-job-monitor_1.480.2+dfsg-1~exp1_all.deb 0ae5f52365e4b10134358c02ddd013ce 689022 java optional jenkins-cli_1.480.2+dfsg-1~exp1_all.deb 84287f3b64f4b08a6f3275498af2259e 15804 java optional jenkins-tomcat_1.480.2+dfsg-1~exp1_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBCAAGBQJQ7pmAAAoJEL/srsug59jDOK4P/A1ifynmHaO+iMBYqCaZVYPl Zrj6Fsw7Y1ObohERQBn6YX+alENbZ2Zke045JEhozLsundFh37YpM4s16kiQ4u4O 4L8ZZQ6D/+FZ2I/8yKhjbWPYduVLAMjCCapFycC87tPbsTQbJRXtuo7CzfdD5fVA 4Ggrlqg+ihBnEDng50H2isysog7RKICkKjEFrJy7dQYJOlJ7LBe+8/29XmoJ8zpd SrJTvm2Sva8+n4GpdiQ/L0x4Bx6G2pBI5/Xsq2slaNbhT+ul3V239ZOkux2snGav 3u5wzGiwbo0rtvjkkczQ8MtUHOKQ65RjFghij5GvXuEnYGKkKD8m/QSQqzWKXVV7 HRV/uxUHrl6Q99tiq1qNESseAwy77Ok434wRmVukZMtVjbkjVew8zAj4g9vk1Uan KhMM+1A90pq+N0Z42hcjB8yHfM/gIhXT7M8/uubIhPw7XgtiOJbO3doxqcqL8nyG 8qwuEKtCxLyoDjXe1zffTRnBy5M/ujs5AxjGURJpv0NcNIN4f+fl1buKmpOpIUSo w6TvIVum66uLouy7on8ZdQMr9ZSqvQ4LY94NhCbmnt+Oi4W0mA0CJMQEN3iDNa+w /OZSl8O3DN0flOX2AV7LIs/luVLN40Y2x9uY6wl9kQ+gMBikdwTKH1QRiscNuddG n4yJVYwyyivgu/4Sp/RH =T+01 -----END PGP SIGNATURE-----
--- End Message ---
__ This is the maintainer address of Debian's Java team <http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-java-maintainers>. Please use debian-j...@lists.debian.org for discussions and questions.
