[Secure-testing-commits] r29292 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Oct 6 14:38:07 UTC 2014
Author: carnil
Date: 2014-10-06 14:38:07 +0000 (Mon, 06 Oct 2014)
New Revision: 29292
Modified:
data/CVE/list
Log:
Two jenkins CVEs for monitoring plugin
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-06 13:50:29 UTC (rev 29291)
+++ data/CVE/list 2014-10-06 14:38:07 UTC (rev 29292)
@@ -9471,13 +9471,11 @@
- jenkins 1.565.3-1 (bug #763899)
CVE-2014-3679 [lack of access control in the monitoring plug-in]
RESERVED
- - jenkins <unfixed>
- TODO: check
+ NOT-FOR-US: Jenkins monitoring plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
CVE-2014-3678 [cross-site scripting flaws in the monitoring plug-in]
RESERVED
- - jenkins <unfixed>
- TODO: check
+ NOT-FOR-US: Jenkins monitoring plugin
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
CVE-2014-3677
RESERVED
More information about the Secure-testing-commits
mailing list