Bug#697617: jenkins: remote code execution vulnerability
Miguel Landaeta
miguel at miguel.cc
Thu Jan 10 17:29:43 UTC 2013
On Thu, Jan 10, 2013 at 2:03 PM, James Page <james.page at ubuntu.com> wrote:
> I did much the same for the version in Ubuntu 12.04 (1.424.6); and hit
> similar issues. The key problem is the extent of the patch to fix this
> issue and the amount of code change in the TCP/Agent communication
> area between 1.480.2 and earlier versions we already have packaged.
Yeah, and besides that this is going to be a large patch. I don't
think Release Team is going to be much happy about that at this stage
either.
> I'm trying to get some advice from upstream on this - hopefully I'll
> hear back in the next ~24hrs
Good to know, I'll stay tuned.
>> BTW, recently the team of developers with I work with began to use
>> Jenkins so I have some interest in it. If you are OK with that I
>> can jump in as co-maintainer.
>
> Yes please!
Fine,
Cheers,
--
Miguel Landaeta, miguel at miguel.cc
secure email with PGP 0x6E608B637D8967E9 available at http://keyserver.pgp.com/
"Faith means not wanting to know what is true." -- Nietzsche
More information about the pkg-java-maintainers
mailing list