[Secure-testing-commits] r29244 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Oct 3 19:44:16 UTC 2014
Author: carnil
Date: 2014-10-03 19:44:15 +0000 (Fri, 03 Oct 2014)
New Revision: 29244
Modified:
data/CVE/list
Log:
Mark various CVEs for jenkins as fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-03 19:40:58 UTC (rev 29243)
+++ data/CVE/list 2014-10-03 19:44:15 UTC (rev 29244)
@@ -8315,11 +8315,10 @@
RESERVED
CVE-2014-3681 [SECURITY-143: XSS vulnerability in Jenkins core]
RESERVED
- - jenkins <undetermined>
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3680 [SECURITY-138: Password exposure in DOM]
RESERVED
- - jenkins <undetermined>
- TODO: check
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3679
RESERVED
CVE-2014-3678
@@ -8346,30 +8345,24 @@
RESERVED
CVE-2014-3667 [SECURITY-155: exposure of plugin code]
RESERVED
- - jenkins <undetermined>
- TODO: check
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3666 [SECURITY-150: remote code execution from CLI]
RESERVED
- - jenkins <undetermined>
- TODO: check
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3665
RESERVED
CVE-2014-3664 [SECURITY-131: directory traversal attack]
RESERVED
- - jenkins <undetermined>
- TODO: check
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3663 [SECURITY-127/SECURITY-128: privilege escalation in job configuration permission]
RESERVED
- - jenkins <undetermined>
- TODO: check
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3662 [SECURITY-110: User name discovery]
RESERVED
- - jenkins <undetermined>
- TODO: check
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3661 [SECURITY-87: anonymous DoS attack through CLI handshake]
RESERVED
- - jenkins <undetermined>
- TODO: check
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2014-3660
RESERVED
CVE-2014-3659
@@ -13266,6 +13259,7 @@
NOT-FOR-US: Opera
CVE-2014-1869 (Multiple cross-site scripting (XSS) vulnerabilities in ...)
- db4o <unfixed> (unimportant)
+ - jenkins 1.565.3-1 (bug #763899)
NOTE: in -doc package
CVE-2013-7329 [information disclosure]
RESERVED
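Review bot: The jenkins line added under CVE-2014-1869 sits between `- db4o <unfixed> (unimportant)` and `NOTE: in -doc package`, so the note that used to follow the db4o entry directly now reads as if it describes jenkins. Suggest moving the jenkins line below the NOTE, or rewording the note so it names the package it applies to. The log message speaks of marking CVEs as fixed, but this hunk adds jenkins as a new package on the entry, which deserves its own NOTE saying how jenkins is affected.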
@@ -31483,6 +31477,7 @@
CVE-2013-2186 (The DiskFileItem class in Apache Commons FileUpload, as used in Red ...)
{DSA-2827-1}
- libcommons-fileupload-java 1.3-2.1 (bug #726601)
+ - jenkins 1.565.3-1 (bug #763899)
CVE-2013-2185 (** DISPUTED ** The readObject method in the DiskFileItem class in ...)
NOT-FOR-US: Red Hat JBoss Enterprise Application Platform
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=974813
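Review bot: The jenkins entry added under CVE-2013-2186 has no NOTE explaining why jenkins is listed for a CVE whose description names the DiskFileItem class in Apache Commons FileUpload. The log message ("Mark various CVEs for jenkins as fixed in unstable") does not cover adding the package to an existing entry either. Suggest a NOTE line stating how jenkins is affected, so the 1.565.3-1 fixed version can later be checked against bug #763899.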