From time to time, we issue a security advisory to report security problems in Hudson. You can receive notifications for such advisories in one of the following ways:
If you find a vulnerability in Hudson, please report it at Eclipse following the [ Policy here|https://www.eclipse.org/security/policy.php]. This details how to log a bug at Eclipse so that it can only be seen by the filer and Hudson Committers.
By restricting the access to the potential sensitive information, we can work on the problem and deliver the fix before the method of attack becomes well-known.