Hi, On Sun, Feb 16, 2014 at 01:45:49AM +0900, Nobuhiro Ban wrote: > Package: jenkins > Version: 1.509.2+dfsg-2 > Severity: grave > Tags: security > > Dear Maintainer, > > The upstream vendor announced a security advisory. > In this advisory, some vulnerabilities are rated high severity. > > https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14 > > SECURITY-105 > > affected by CVE-2013-7285 reported against XStream > > SECURITY-76 & SECURITY-88 / CVE-2013-5573 > > SECURITY-109 > > SECURITY-108 > > SECURITY-106 > > SECURITY-93 > > SECURITY-89 > > SECURITY-80 > > SECURITY-79 > > SECURITY-77 > > SECURITY-75 > > SECURITY-74 > > SECURITY-73
See http://www.openwall.com/lists/oss-security/2014/02/21/2, where some CVEs were assigned to identify the issues. Please include the CVE identifier in the changelog when fixing the corresponding issues. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
