Hi James,
The debdiffs look fine to me from a packaging perspective. I'm a little
dubious of the upstream fix, which is just setting a limit on the size
of the hashtables and hashmaps and assumes that a worst case walk of
that size won't negatively impact the operation of the system. In any
event, despite my reservations, I'll push them to the security pocket
soon.
Thanks!
** Changed in: jenkins (Ubuntu Oneiric)
Assignee: James Page (james-page) => Steve Beattie (sbeattie)
** Changed in: jenkins-executable-war (Ubuntu Oneiric)
Assignee: James Page (james-page) => Steve Beattie (sbeattie)
** Changed in: jenkins-winstone (Ubuntu Oneiric)
Assignee: James Page (james-page) => Steve Beattie (sbeattie)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/914628
Title:
Hash DoS vulnerability in Jenkins core
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/jenkins/+bug/914628/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
