-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 10/01/13 15:46, Miguel Landaeta wrote: >>> We might want to consider whether updating unstable/testing to >>> 1.480.2 is actually the best way forward at this point in >>> time. > Hi James, > > I don't know if it is feasible at this point in the release cycle > to have a new upstream release of jenkins in sid even if it fixes > some security issues.
Agreed; its a last resort. > I backported the fix for CVE-2013-0158 from stable branch and I > applied it to 1.447.2+dfsg-2. It applies cleanly but I'm getting a > FTBFS. I don't have time to review it right now but I'll go back to > it later. > > I'm attaching the debdiff I got and the FTBFS log error. I did much the same for the version in Ubuntu 12.04 (1.424.6); and hit similar issues. The key problem is the extent of the patch to fix this issue and the amount of code change in the TCP/Agent communication area between 1.480.2 and earlier versions we already have packaged. I'm trying to get some advice from upstream on this - hopefully I'll hear back in the next ~24hrs > BTW, recently the team of developers with I work with began to use > Jenkins so I have some interest in it. If you are OK with that I > can jump in as co-maintainer. Yes please! Cheers James - -- James Page Ubuntu Core Developer Debian Maintainer james.p...@ubuntu.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iQIcBAEBCAAGBQJQ7vRvAAoJEL/srsug59jDePQP/3ZNVyvgr6jsG66T1Q/6QEkt HdtZd01UkKZyjmRFwjVDTA73Iu4Y8DI7xArmt4CwzMLwBom5T77wqI80zcr2IjpM /QRJmi9rycztfPvjdGfHSZDR2s/9i+nrHIEBEi+I35zkFROj9QTN6cbmytEw2/LU p7oEsiysl6n/zvj5DqnsH5VjvqmQ1Y7ovR7MBT27ZRTXI39k3dzIM8eOpU/la4Mw t2kKbMJ/M+Xm6eb5G1XHpogQ2/v7WRXMNy0LZdg18shsVrduMf99c+ScacdEWPYf txNos0lmjV+dWfXgQFUNn390Im/u3SceounIKQ9ppiiA4osmptn2x8fwcQHHR+Bg Ph2Yn+Oln7mIASoZ9Ge9MK3ydIDt4UHaAltGoJJdQc4gs9Zc7h/AhD0dwaNodk3E BB3yZOKE46kAhlUx4u6PDxy2k6FmJY0eTY3J3Rp1s2V6quaNI1xvnXDkTHfDpgFr zdznY6D5KTvuSvqXCrufg4z5D/yWev5OYLis+QYS0mf7QuOsg2F8EFRywupqps1P qi+1+dKdiNg94Xwh+Gwt8OpT44yhWWIp2Wcg+ujisBeKf+XDrb/7V3BZk9hYSkuv dETJrGPlKqkLvQv8fIpOhpENDYiMNtMtHGSs/C7UETcNnAH4LmsLt05GihxgFPQH yfY6QFN5a2Gt7Km9ymag =XG02 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
