Bug#767541: jenkins: CVE-2014-3665
intrigeri
intrigeri at debian.org
Sat Nov 22 23:00:03 UTC 2014
Hi Emmanuel,
Emmanuel Bourg wrote (16 Nov 2014 12:06:07 GMT) :
> The new LTS is probably too big to be pushed to testing now. As an
> alternative I'm considering either disabling the master/slave mechanism,
> or adding a big red warning in the UI to inform the user about the risks.
Disabling the master/slave mechanism by default sounds good, as long
as there are means for users to re-enable it (I assume that's what you
meant, but let's make it clear).
Cheers,
--
intrigeri
More information about the pkg-java-maintainers
mailing list