Hi
On Tue, Jan 08, 2013 at 02:06:39AM +0900, Nobuhiro Ban wrote:
Package: jenkins
Version: 1.447.2+dfsg-2
Severity: grave
Tags: security
Dear Maintainer,
The upstream vendor announced a security advisory, that is rated
critical severity.
See:
Hi James,
On Thu, Jan 10, 2013 at 05:03:44PM +, James Page wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/01/13 15:46, Miguel Landaeta wrote:
We might want to consider whether updating unstable/testing to
1.480.2 is actually the best way forward at this point in
time.
On Thu, Jan 10, 2013 at 2:29 PM, Miguel Landaeta mig...@miguel.cc wrote:
On Thu, Jan 10, 2013 at 2:03 PM, James Page james.p...@ubuntu.com wrote:
I'm trying to get some advice from upstream on this - hopefully I'll
hear back in the next ~24hrs
Good to know, I'll stay tuned.
Hi James, is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 09/01/13 00:54, Miguel Landaeta wrote:
Hi,
I'm working in backporting a fix for this issue to this version of
Jenkins. It doesn't too hard to do it but I had not tested
properly the patch I got.
If everything goes well I'll attach a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 10/01/13 15:46, Miguel Landaeta wrote:
We might want to consider whether updating unstable/testing to
1.480.2 is actually the best way forward at this point in
time.
Hi James,
I don't know if it is feasible at this point in the release
On Thu, Jan 10, 2013 at 2:03 PM, James Page james.p...@ubuntu.com wrote:
I did much the same for the version in Ubuntu 12.04 (1.424.6); and hit
similar issues. The key problem is the extent of the patch to fix this
issue and the amount of code change in the TCP/Agent communication
area between
Package: jenkins
Version: 1.447.2+dfsg-2
Severity: grave
Tags: security
Dear Maintainer,
The upstream vendor announced a security advisory, that is rated
critical severity.
See:
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04
Regards,
Nobuhiro
__
This is
Control: retitle -1 jenkins: CVE-2013-0158: remote code execution vulnerability
Hi
On Tue, Jan 08, 2013 at 02:06:39AM +0900, Nobuhiro Ban wrote:
Package: jenkins
Version: 1.447.2+dfsg-2
Severity: grave
Tags: security
Dear Maintainer,
The upstream vendor announced a security advisory,
Processing control commands:
retitle -1 jenkins: CVE-2013-0158: remote code execution vulnerability
Bug #697617 [jenkins] jenkins: remote code execution vulnerability
Changed Bug title to 'jenkins: CVE-2013-0158: remote code execution
vulnerability' from 'jenkins: remote code execution
9 matches
Mail list logo