fyi, i've upgraded jenkins.ovirt.org to latest LTS version, due to security alert. [1] jenkins is now running 1.480.1 changelog: What's new in 1.480.1 (2012/11/17) FilePath.validateAntFileMask too slow for /configure (issue 7214) java.io.InvalidClassException (issue 14667) Log recorders do not work reliably (issue 15226) Invalid JSON is produced during remote api operations when a changeSet contains duplicate keys. (issue 13336) Memory exhaustion parsing large test stdio from Surefire (issue 15382) Fixed security vulnerabilities. (SECURITY-43,SECURITY-44,SECURITY-45) Eyal Edri. [1] ----- Forwarded Message ----- From: "Kohsuke Kawaguchi" <kk(a)kohsuke.org&gt; To: "Jenkins advisories" <jenkinsci-advisories(a)googlegroups.com&gt; Sent: Wednesday, November 21, 2012 1:14:15 AM Subject: Security advisory in Jenkins core We've identified and fixed several high vulnerabilities in Jenkins core. This affects all the releases to date: - mainline release <= 1.490 - LTS release <= 1.466.2 These vulnerabilities are discovered by Soroush Dalili, and we'd like to thank him. Please see [1] for more details. Customers of Jenkins Enterprise by CloudBees and DEV@cloud, please see the corresponding security advisory by CloudBees [2]. For more information about security advisories and ways to get notified, please see [3]. [1] https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+20... [2] http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-... [3] https://wiki.jenkins-ci.org/display/JENKINS/Security+Advisories -- Kohsuke Kawaguchi http://kohsuke.org/