https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 There's an action-to-be-taken message in the management console for Jenkins. I haven't pushed the button for it yet (mainly because I'm not sure it's me who should be deciding this). frank