[Secure-testing-commits] r29200 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Thu Oct 2 07:26:46 UTC 2014


Author: carnil
Date: 2014-10-02 07:24:45 +0000 (Thu, 02 Oct 2014)
New Revision: 29200

Modified:
   data/CVE/list
Log:
Add part of the CVE assigned for jenkins, upstream security advisory need to be rechecked for these and tracker updated accordingly

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-02 05:33:50 UTC (rev 29199)
+++ data/CVE/list	2014-10-02 07:24:45 UTC (rev 29200)
@@ -8279,10 +8279,13 @@
 	RESERVED
 CVE-2014-3682
 	RESERVED
-CVE-2014-3681
+CVE-2014-3681 [SECURITY-143: XSS vulnerability in Jenkins core]
 	RESERVED
-CVE-2014-3680
+	- jenkins <undetermined>
+CVE-2014-3680 [SECURITY-138: Password exposure in DOM]
 	RESERVED
+	- jenkins <undetermined>
+	TODO: check
 CVE-2014-3679
 	RESERVED
 CVE-2014-3678
@@ -8307,20 +8310,32 @@
 	RESERVED
 CVE-2014-3668
 	RESERVED
-CVE-2014-3667
+CVE-2014-3667 [SECURITY-155: exposure of plugin code]
 	RESERVED
-CVE-2014-3666
+	- jenkins <undetermined>
+	TODO: check
+CVE-2014-3666 [SECURITY-150: remote code execution from CLI]
 	RESERVED
+	- jenkins <undetermined>
+	TODO: check
 CVE-2014-3665
 	RESERVED
-CVE-2014-3664
+CVE-2014-3664 [SECURITY-131: directory traversal attack]
 	RESERVED
-CVE-2014-3663
+	- jenkins <undetermined>
+	TODO: check
+CVE-2014-3663 [SECURITY-127/SECURITY-128: privilege escalation in job configuration permission]
 	RESERVED
-CVE-2014-3662
+	- jenkins <undetermined>
+	TODO: check
+CVE-2014-3662 [SECURITY-110: User name discovery]
+	- jenkins <undetermined>
+	TODO: check
 	RESERVED
-CVE-2014-3661
+CVE-2014-3661 [SECURITY-87: anonymous DoS attack through CLI handshake]
 	RESERVED
+	- jenkins <undetermined>
+	TODO: check
 CVE-2014-3660
 	RESERVED
 CVE-2014-3659




More information about the Secure-testing-commits mailing list