[Secure-testing-commits] r29200 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Oct 2 07:26:46 UTC 2014
Author: carnil
Date: 2014-10-02 07:24:45 +0000 (Thu, 02 Oct 2014)
New Revision: 29200
Modified:
data/CVE/list
Log:
Add part of the CVE assigned for jenkins, upstream security advisory need to be rechecked for these and tracker updated accordingly
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-02 05:33:50 UTC (rev 29199)
+++ data/CVE/list 2014-10-02 07:24:45 UTC (rev 29200)
@@ -8279,10 +8279,13 @@
RESERVED
CVE-2014-3682
RESERVED
-CVE-2014-3681
+CVE-2014-3681 [SECURITY-143: XSS vulnerability in Jenkins core]
RESERVED
-CVE-2014-3680
+ - jenkins <undetermined>
+CVE-2014-3680 [SECURITY-138: Password exposure in DOM]
RESERVED
+ - jenkins <undetermined>
+ TODO: check
CVE-2014-3679
RESERVED
CVE-2014-3678
@@ -8307,20 +8310,32 @@
RESERVED
CVE-2014-3668
RESERVED
-CVE-2014-3667
+CVE-2014-3667 [SECURITY-155: exposure of plugin code]
RESERVED
-CVE-2014-3666
+ - jenkins <undetermined>
+ TODO: check
+CVE-2014-3666 [SECURITY-150: remote code execution from CLI]
RESERVED
+ - jenkins <undetermined>
+ TODO: check
CVE-2014-3665
RESERVED
-CVE-2014-3664
+CVE-2014-3664 [SECURITY-131: directory traversal attack]
RESERVED
-CVE-2014-3663
+ - jenkins <undetermined>
+ TODO: check
+CVE-2014-3663 [SECURITY-127/SECURITY-128: privilege escalation in job configuration permission]
RESERVED
-CVE-2014-3662
+ - jenkins <undetermined>
+ TODO: check
+CVE-2014-3662 [SECURITY-110: User name discovery]
+ - jenkins <undetermined>
+ TODO: check
RESERVED
-CVE-2014-3661
+CVE-2014-3661 [SECURITY-87: anonymous DoS attack through CLI handshake]
RESERVED
+ - jenkins <undetermined>
+ TODO: check
CVE-2014-3660
RESERVED
CVE-2014-3659
More information about the Secure-testing-commits
mailing list