[Secure-testing-commits] r20207 - data/CVE

[Henri Salo]

Author: fgeek-guest
Date: 2012-09-21 05:57:30 +0000 (Fri, 21 Sep 2012)
New Revision: 20207

Modified:
   data/CVE/list
Log:
multiple jenkins issues

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2012-09-21 05:36:09 UTC (rev 20206)
+++ data/CVE/list	2012-09-21 05:57:30 UTC (rev 20207)
@@ -1616,14 +1616,26 @@
 	RESERVED
 	- monkey <unfixed> (bug #688007)
 	NOTE: CVE-request http://www.openwall.com/lists/oss-security/2012/09/20/7
-CVE-2012-4441
+CVE-2012-4441 [jenkins XSS in CI game plugin]
 	RESERVED
-CVE-2012-4440
+	TODO: check
+	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://www.openwall.com/lists/oss-security/2012/09/21/1
+CVE-2012-4440 [jenkins XSS in Violations plugin]
 	RESERVED
-CVE-2012-4439
+	TODO: check
+	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://www.openwall.com/lists/oss-security/2012/09/21/1
+CVE-2012-4439 [jenkins XSS]
 	RESERVED
-CVE-2012-4438
+	TODO: check
+	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://www.openwall.com/lists/oss-security/2012/09/21/1
+CVE-2012-4438 [jenkins remote code execution]
 	RESERVED
+	TODO: check
+	NOTE: http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-09-17.cb
+	NOTE: http://www.openwall.com/lists/oss-security/2012/09/21/1
 CVE-2012-4437 [Smarty / php-Smarty: XSS in Smarty exception messages]
 	RESERVED
 	- smarty3 <unfixed> (bug #688153)