Author: carnil
Date: 2014-10-06 14:38:07 +0000 (Mon, 06 Oct 2014)
New Revision: 29292
Modified:
data/CVE/list
Log:
Two jenkins CVEs for monitoring plugin
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2014-10-06 13:50:29 UTC (rev 29291)
+++ data/CVE/list 2014-10-06 14:38:07 UTC (rev 29292)
@@ -9471,13 +9471,11 @@
- jenkins 1.565.3-1 (bug #763899)
CVE-2014-3679 [lack of access control in the monitoring plug-in]
RESERVED
- - jenkins <unfixed>
- TODO: check
+ NOT-FOR-US: Jenkins monitoring plugin
NOTE:
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
CVE-2014-3678 [cross-site scripting flaws in the monitoring plug-in]
RESERVED
- - jenkins <unfixed>
- TODO: check
+ NOT-FOR-US: Jenkins monitoring plugin
NOTE:
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01
CVE-2014-3677
RESERVED
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
