[Secure-testing-commits] r39479 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Feb 5 16:54:51 UTC 2016
Author: carnil
Date: 2016-02-05 16:54:51 +0000 (Fri, 05 Feb 2016)
New Revision: 39479
Modified:
data/CVE/list
Log:
Jenkins removed from the archive, #811522
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-02-05 15:05:11 UTC (rev 39478)
+++ data/CVE/list 2016-02-05 16:54:51 UTC (rev 39479)
@@ -7602,7 +7602,7 @@
CVE-2015-8081 (The Field as Block module 7.x-1.x before 7.x-1.4 for Drupal might ...)
NOT-FOR-US: Field as Block module for Drupal
CVE-2015-8103 (The Jenkins CLI subsystem in CloudBees Jenkins before 1.638 and LTS ...)
- - jenkins <unfixed> (bug #804522)
+ - jenkins <removed> (bug #804522)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-XXXX [java unserialisation issues]
- libcommons-collections3-java 3.2.2-1 (unimportant)
@@ -11575,7 +11575,7 @@
CVE-2015-6742 (Basware Banking (Maksuliikenne) before 8.90.07.X uses a hardcoded ...)
NOT-FOR-US: Basware Banking
CVE-2015-XXXX [Cross Site Request Forgery / Code Execution]
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: http://seclists.org/bugtraq/2015/Aug/161
NOTE: CVE Request: http://www.openwall.com/lists/oss-security/2015/09/01/8
TODO: check
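Review bot: the "TODO: check" line at the end of the CVE-2015-XXXX [Cross Site Request Forgery / Code Execution] entry is left in place although the package line now reads "- jenkins <removed>", so the entry stays flagged for triage after the removal named in the log. Resolve the TODO in the same commit, or add a NOTE saying what still needs checking. This entry also carries no bug reference, unlike CVE-2015-8103 in the first hunk, which has (bug #804522).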
@@ -15232,34 +15232,34 @@
- linux-2.6 <not-affected> (Only affected 4.3-rc1 onwards)
NOTE: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cc25b994acfbc901429da682d0f73c190e960206 (v4.4-rc1)
CVE-2015-5326 (Cross-site scripting (XSS) vulnerability in the slave overview page in ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5325 (CloudBees Jenkins before 1.638 and LTS before 1.625.2 allow attackers ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5324 (CloudBees Jenkins before 1.638 and LTS before 1.625.2 allow remote ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5323 (CloudBees Jenkins before 1.638 and LTS before 1.625.2 do not properly ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5322 (Directory traversal vulnerability in CloudBees Jenkins before 1.638 ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5321 (The sidepanel widgets in the CLI command overview and help pages in ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5320 (CloudBees Jenkins before 1.638 and LTS before 1.625.2 do not properly ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5319 (XML external entity (XXE) vulnerability in the create-job CLI command ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5318 (CloudBees Jenkins before 1.638 and LTS before 1.625.2 uses a publicly ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5317 (The Fingerprints pages in CloudBees Jenkins before 1.638 and LTS ...)
- - jenkins <unfixed>
+ - jenkins <removed>
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
CVE-2015-5316 [EAP-pwd peer error path failure on unexpected Confirm message]
RESERVED
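Review bot: none of the ten entries from CVE-2015-5326 down to CVE-2015-5317 carries a bug reference on its "- jenkins <removed>" line, although each cites the same Jenkins Security Advisory 2015-11-11 as CVE-2015-8103, whose line reads "- jenkins <removed> (bug #804522)". If that bug covers the whole advisory, add the reference here as well so these entries can be traced the same way.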
@@ -25781,33 +25781,33 @@
CVE-2015-1815 (The get_rpm_nvr_by_file_path_temporary function in util.py in ...)
NOT-FOR-US: setroubleshoot
CVE-2015-1814 (The API token-issuing service in CloudBees Jenkins before 1.606 and ...)
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1813 (Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before ...)
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1812 (Cross-site scripting (XSS) vulnerability in CloudBees Jenkins before ...)
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23
CVE-2015-1811 [External entity processing in XML can reveal sensitive local files (SECURITY-167)]
RESERVED
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1810 (The HudsonPrivateSecurityRealm class in CloudBees Jenkins before 1.600 ...)
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1809 [external entity injection via XPath (SECURITY-165)]
RESERVED
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1808 (CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote ...)
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1807 (Directory traversal vulnerability in CloudBees Jenkins before 1.600 ...)
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1806 (The combination filter Groovy script in CloudBees Jenkins before 1.600 ...)
- - jenkins <unfixed> (bug #781223)
+ - jenkins <removed> (bug #781223)
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
CVE-2015-1805 (The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in ...)
{DSA-3290-1 DLA-246-1}
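Review bot: the nine entries from CVE-2015-1814 down to CVE-2015-1806 have only the line "- jenkins <removed> (bug #781223)" and no release-specific line, whereas CVE-2014-3665 in the last hunk records "[jessie] - jenkins <no-dsa>" with a reason. If jessie ships a jenkins version affected by these issues, record that per release here too, since the log message speaks only of the removal.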
@@ -46627,7 +46627,7 @@
CVE-2014-3666 (CloudBees Jenkins before 1.583 and LTS before 1.565.3 allows remote ...)
- jenkins 1.565.3-1 (bug #763899)
CVE-2014-3665 (CloudBees Jenkins before 1.587 and LTS before 1.580.1 do not properly ...)
- - jenkins <unfixed> (bug #767541)
+ - jenkins <removed> (bug #767541)
[jessie] - jenkins <no-dsa> (Backport not feasible, insecure feature is documented as such)
NOTE: For jessie, the backport is too intrusive and since it's a cornercase, it's only documented,
NOTE: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-30
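Review bot: the context line "NOTE: For jessie, the backport is too intrusive and since it's a cornercase, it's only documented," in the CVE-2014-3665 entry ends on a comma and reads as cut off. Since this entry is being touched anyway, complete the sentence or close it with a full stop.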