-
Committer:
Package Import Robot
-
Author(s):
James Page, Steven McDonald, James Page
-
Date:
2013-01-29 12:24:30 UTC
-
Revision ID:
package-import@ubuntu.com-20130129122430-gtfznkyowt1h8b4r
Tags: 1.447.2+dfsg-3
[ Steven McDonald ]
* Fix multiple security issues in Jenkins core (Closes: #696816):
- d/p/security/CVE-2012-6073.patch: Cherry-picked a fix from 1.480.1
release to resolve an open redirect vulnerability.
- d/p/security/CVE-2012-6074.patch: Cherry-picked a fix from 1.480.1
release to resolve a cross-site scripting vulnerability.
- Fixes: CVE-2012-6073, CVE-2012-6074
[ James Page ]
* Ensure jenkins-winstone with fix for CVE-2012-6072 is picked up
during build (Closes: #696816):
- d/control: Version jenkins-winstone BD (>= 0.9.10-jenkins-37+dfsg-2~)
- Fixes: CVE-2012-6072