[Secure-testing-commits] r29292 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Mon Oct 6 14:38:07 UTC 2014


Author: carnil
Date: 2014-10-06 14:38:07 +0000 (Mon, 06 Oct 2014)
New Revision: 29292

Modified:
   data/CVE/list
Log:
Two jenkins CVEs for monitoring plugin

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-06 13:50:29 UTC (rev 29291)
+++ data/CVE/list	2014-10-06 14:38:07 UTC (rev 29292)
@@ -9471,13 +9471,11 @@
 	- jenkins 1.565.3-1 (bug #763899)
 CVE-2014-3679 [lack of access control in the monitoring plug-in]
 	RESERVED
-	- jenkins <unfixed>
-	TODO: check
+	NOT-FOR-US: Jenkins monitoring plugin
 	NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
 CVE-2014-3678 [cross-site scripting flaws in the monitoring plug-in]
 	RESERVED
-	- jenkins <unfixed>
-	TODO: check
+	NOT-FOR-US: Jenkins monitoring plugin
 	NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
 CVE-2014-3677
 	RESERVED




More information about the Secure-testing-commits mailing list