subject:"Bug#688298\: jenkins\: Multiple security issues"

Bug#688298: jenkins: Multiple security issues

2012-09-25 Thread James Page

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Note that the jenkins package in Debian is not effected by: CVE-2012-4440 jenkins XSS in Violations plugin CVE-2012-4441 jenkins XSS in CI game plugin These are problems in plugins which are not built as part of the jenkins source package. I h

Bug#688298: jenkins: Multiple security issues

2012-09-24 Thread James Page

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Moritz On 21/09/12 09:16, Moritz Muehlenhoff wrote: > Please see > http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb > > CVE IDs have been assigned: > http://seclists.org/oss-sec/2012/q3/521 > > Remember Debian

Bug#688298: jenkins: Multiple security issues

2012-09-21 Thread Moritz Muehlenhoff

Package: jenkins Severity: grave Tags: security Justification: user security hole Please see http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb CVE IDs have been assigned: http://seclists.org/oss-sec/2012/q3/521 Remember Debian is frozen, so please upload only min