[Secure-testing-commits] r33150 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Mar 26 06:03:41 UTC 2015
Author: carnil
Date: 2015-03-26 06:03:41 +0000 (Thu, 26 Mar 2015)
New Revision: 33150
Modified:
data/CVE/list
Log:
More CVEs from external check for jenkinks
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-26 06:01:28 UTC (rev 33149)
+++ data/CVE/list 2015-03-26 06:03:41 UTC (rev 33150)
@@ -2209,16 +2209,28 @@
RESERVED
- jenkins <unfixed>
TODO: check
-CVE-2015-1811
+CVE-2015-1811 [External entity processing in XML can reveal sensitive local files (SECURITY-167)]
RESERVED
-CVE-2015-1810
+ - jenkins <unfixed>
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
+ TODO: check
+CVE-2015-1810 [HudsonPrivateSecurityRealm allows creation of reserved names (SECURITY-166)]
RESERVED
-CVE-2015-1809
+ - jenkins <unfixed>
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
+ TODO: check
+CVE-2015-1809 [external entity injection via XPath (SECURITY-165)]
RESERVED
-CVE-2015-1808
+ - jenkins <unfixed>
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
+ TODO: check
+CVE-2015-1808 [pdate center metadata retrieval DoS attack (SECURITY-163)]
RESERVED
-CVE-2015-1807
+CVE-2015-1807 [directory traversal from artifacts via symlink (SECURITY-162)]
RESERVED
+ - jenkins <unfixed>
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
+ TODO: check
CVE-2015-1806 [Combination filter Groovy script unsecured (SECURITY-125)]
RESERVED
- jenkins <unfixed>
More information about the Secure-testing-commits
mailing list