← Back to branch summary

~ubuntu-branches/ubuntu/precise/jenkins/precise-updates

~ubuntu-branches/ubuntu/precise/jenkins/precise-updates

Viewing all changes in revision 16.

Committer: Package Import Robot
Author(s): James Page
Date: 2012-09-25 13:32:05 UTC
Revision ID: package-import@ubuntu.com-20120925133205-4qxozwylukgle0he

Tags: 1.424.6+dfsg-1ubuntu0.1

https://launchpad.net/bugs/1055416

* SECURITY UPDATE: Remote code execution and XSS vulnerabilities
  in Jenkins core (LP: #1055416):
  - d/p/security/CVE-2012-4438_CVE-2012-4439.patch: Cherry picked
    fixes from 1.466.2 release to resolve remote code execution
    and XSS security vulnerabilities.
  - http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
  - CVE-2012-4438
  - CVE-2012-4439

files added:
.pc/.quilt_patches

.pc/.quilt_series

.pc/security

.pc/security/CVE-2012-4438_CVE-2012-4439.patch

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/model

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/model/DownloadService.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/model/UpdateSite.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/search

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/search/Search.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/tasks

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/tasks/junit

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/tasks/junit/History.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/jenkins

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/jenkins/util

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/jenkins/util/JSONSignatureValidator.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks/junit

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks/junit/History

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks/junit/History/index.jelly

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main/webapp

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main/webapp/scripts

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main/webapp/scripts/hudson-behavior.js

core/src/main/java/jenkins/util

core/src/main/java/jenkins/util/JSONSignatureValidator.java

debian/patches/security

debian/patches/security/CVE-2012-4438_CVE-2012-4439.patch

files modified:
.pc/applied-patches

core/src/main/java/hudson/model/DownloadService.java

core/src/main/java/hudson/model/UpdateSite.java

core/src/main/java/hudson/search/Search.java

core/src/main/java/hudson/tasks/junit/History.java

core/src/main/resources/hudson/tasks/junit/History/index.jelly

debian/changelog

debian/control

debian/patches/series

war/src/main/webapp/scripts/hudson-behavior.js

Show diffs side-by-side

added added

removed removed

.pc/.quilt_patches

.pc/.quilt_series

.pc/applied-patches

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/model/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/model/DownloadService.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/model/UpdateSite.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/search/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/search/Search.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/tasks/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/tasks/junit/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/hudson/tasks/junit/History.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/jenkins/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/jenkins/util/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/java/jenkins/util/JSONSignatureValidator.java

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks/junit/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks/junit/History/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/core/src/main/resources/hudson/tasks/junit/History/index.jelly

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main/webapp/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main/webapp/scripts/

.pc/security/CVE-2012-4438_CVE-2012-4439.patch/war/src/main/webapp/scripts/hudson-behavior.js

core/src/main/java/hudson/model/DownloadService.java

core/src/main/java/hudson/model/UpdateSite.java

core/src/main/java/hudson/search/Search.java

core/src/main/java/hudson/tasks/junit/History.java

core/src/main/java/jenkins/util/

core/src/main/java/jenkins/util/JSONSignatureValidator.java

core/src/main/resources/hudson/tasks/junit/History/index.jelly

debian/changelog

debian/patches/security/

debian/patches/security/CVE-2012-4438_CVE-2012-4439.patch

debian/patches/series

war/src/main/webapp/scripts/hudson-behavior.js

Older »