On Tue, Mar 28, 2017 at 05:48:16PM +0200, Markus Koschany wrote:
> Control: forcemerge 857343 858914
>
> Am 28.03.2017 um 17:38 schrieb Guido Günther:
> > Package: logback
> > Severity: grave
> > Tags: security
> >
> > Hi,
> >
> > th
Package: logback
Severity: grave
Tags: security
Hi,
the following vulnerability was published for logback.
CVE-2017-5929[0]:
| QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting
| the SocketServer and ServerSocketReceiver components.
If you fix the vulnerability please
Package: tomcat7
Severity: important
Tags: security
Hi,
the following vulnerability was published for tomcat7.
CVE-2016-6797[0]:
Apache Tomcat Unrestricted Access to Global Resources
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id
Package: tomcat7
Severity: important
Tags: security
Hi,
the following vulnerability was published for tomcat7.
CVE-2016-6796[0]:
Apache Tomcat Security Manager Bypass
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog
Package: tomcat7
Severity: important
Tags: security
Hi,
the following vulnerability was published for tomcat7.
CVE-2016-6794[0]:
Apache Tomcat System Property Disclosure
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your
Package: tomcat7
Severity: important
Tags: security
Hi,
the following vulnerability was published for tomcat7.
CVE-2016-5018[0]:
Apache Tomcat Security Manager Bypass
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog
Package: tomcat7
Severity: importantx
Tags: security
Hi,
the following vulnerability was published for tomcat7.
CVE-2016-0762[0]:
Apache Tomcat Realm Timing Attack
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog
Source: commons-httpclient
Version: 3.1-11
Severity: important
Please see https://bugzilla.redhat.com/show_bug.cgi?id=1259892
Cheers,
-- Guido
-- System Information:
Debian Release: 8.1
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'unstable'),
(500,
Hi,
On Fri, Sep 11, 2015 at 04:20:42PM +0200, Emmanuel Bourg wrote:
> Le 11/09/2015 15:12, Guido Günther a écrit :
>
> > Please see https://bugzilla.redhat.com/show_bug.cgi?id=1259892
>
> Thank you for the report Guido. A hanging connection is certainly
> annoying but I f
Package: jenkins
Version: 1.509.2+dfsg-1
Severity: wishlist
Tags: patch
Hi,
the attached becomes hand if one (like me) can't remember what to set
when running jenkins behind a reverse proxy.
Cheers,
-- Guido
-- System Information:
Debian Release: jessie/sid
APT prefers stable
APT policy:
Package: jenkins
Version: 1.480.3+dfsg-1~exp1
Severity: critical
Hi,
after upgrading jenkins from the Wheezy to the above version the GUI
didn't show the option to initiate the rekeying as described in
NEWS.Debian. I needed to also upgrade jenkins-common to have this shown.
(which makes sense
On Mon, Feb 20, 2012 at 09:38:37PM +0100, Jakub Adam wrote:
Package: jenkins
Version: 1.424.2+dfsg-2
Severity: wishlist
--- Please enter the report below this line. ---
Please enable building and packaging of maven-plugin (and possibly other
Jenkins plugins
that are part of the core
Package: jenkins
Version: 1.480.3+dfsg-1~exp1
Severity: important
Hi,
restarting jenkins fails reliably with:
# /etc/init.d/jenkins restart
[] Restarting Jenkins Continuous Integration Server: jenkinsThe selected
http port (8080) seems to be in use by another program
Please select another
On Mon, Jul 30, 2012 at 02:05:19PM +0200, Christoph Berg wrote:
Re: James Page 2012-07-30 50167644.2040...@ubuntu.com
Please note that it is possible to use the maven-plugin as distributed
by upstream - so you should still be able to use this plugin.
I tried to, but I couldn't find it
On Sat, Apr 06, 2013 at 09:29:52PM +0100, James Page wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 06/04/13 18:36, Guido Günther wrote:
Re: James Page 2012-07-30 50167644.2040...@ubuntu.com
Please note that it is possible to use the maven-plugin as
distributed by upstream
Hi James,
On Thu, Jan 10, 2013 at 05:03:44PM +, James Page wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/01/13 15:46, Miguel Landaeta wrote:
We might want to consider whether updating unstable/testing to
1.480.2 is actually the best way forward at this point in
time.
Package: maven-debian-helper
Severity: normal
Hi,
the package depends on libmaven-compiler-plugin-java which depends on
libmaven-plugin-tools-java which depends on libdoxia-sitetools-java.
However maven2 itself depends on libdoxia-java which conflicts with
libdoxia-sitetools-java. I guess the
17 matches
Mail list logo