Jenkins running standalone (as it does in the Ubuntu packaging) is vulnerable to the Hash DoS attack as detailed here:
http://www.ocert.org/advisories/ocert-2011-003.html
Full details of the Jenkins vulnerability:
http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-01-10.cb
I believe this will require updates to jenkins-executable-war (1.25) and jenkins-winstone (0.9.10-jenkins-31):
Jenkins running standalone (as it does in the Ubuntu packaging) is vulnerable to the Hash DoS attack as detailed here:
http:// www.ocert. org/advisories/ ocert-2011- 003.html
Full details of the Jenkins vulnerability:
http:// www.cloudbees. com/jenkins- advisory/ jenkins- security- advisory- 2012-01- 10.cb
I believe this will require updates to jenkins- executable- war (1.25) and jenkins-winstone (0.9.10- jenkins- 31):