[Secure-testing-commits] r33155 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Thu Mar 26 08:35:30 UTC 2015
Author: jmm
Date: 2015-03-26 08:35:30 +0000 (Thu, 26 Mar 2015)
New Revision: 33155
Modified:
data/CVE/list
Log:
jenkins update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-03-26 08:15:18 UTC (rev 33154)
+++ data/CVE/list 2015-03-26 08:35:30 UTC (rev 33155)
@@ -2204,42 +2204,39 @@
CVE-2015-1814 [SECURITY-180, orced API token change]
RESERVED
- jenkins <unfixed>
- TODO: check
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1813 [SECURITY-177, Reflective XSS vulnerability]
RESERVED
- jenkins <unfixed>
- TODO: check
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1812 [SECURITY-171, Reflective XSS vulnerability]
RESERVED
- jenkins <unfixed>
- TODO: check
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1811 [External entity processing in XML can reveal sensitive local files (SECURITY-167)]
RESERVED
- jenkins <unfixed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
- TODO: check
CVE-2015-1810 [HudsonPrivateSecurityRealm allows creation of reserved names (SECURITY-166)]
RESERVED
- jenkins <unfixed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
- TODO: check
CVE-2015-1809 [external entity injection via XPath (SECURITY-165)]
RESERVED
- jenkins <unfixed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
- TODO: check
CVE-2015-1808 [pdate center metadata retrieval DoS attack (SECURITY-163)]
RESERVED
+ - jenkins <unfixed>
+ NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1807 [directory traversal from artifacts via symlink (SECURITY-162)]
RESERVED
- jenkins <unfixed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
- TODO: check
CVE-2015-1806 [Combination filter Groovy script unsecured (SECURITY-125)]
RESERVED
- jenkins <unfixed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
- TODO: check
CVE-2015-1805
RESERVED
NOTE: Red Hat bug not accessible, Satement on
More information about the Secure-testing-commits
mailing list