On Sun, Feb 16, 2014 at 01:45:49AM +0900, Nobuhiro Ban wrote:
> Package: jenkins
> Version: 1.509.2+dfsg-2
> Severity: grave
> Tags: security
> Dear Maintainer,
> The upstream vendor announced a security advisory.
> In this advisory, some vulnerabilities are rated high severity.
> > SECURITY-105
> > affected by CVE-2013-7285 reported against XStream
> > SECURITY-76 & SECURITY-88 / CVE-2013-5573
> > SECURITY-109
> > SECURITY-108
> > SECURITY-106
> > SECURITY-93
> > SECURITY-89
> > SECURITY-80
> > SECURITY-79
> > SECURITY-77
> > SECURITY-75
> > SECURITY-74
> > SECURITY-73
See http://www.openwall.com/lists/oss-security/2014/02/21/2, where
some CVEs were assigned to identify the issues. Please include the CVE
identifier in the changelog when fixing the corresponding issues.
This is the maintainer address of Debian's Java team
debian-j...@lists.debian.org for discussions and questions.