oss-sec mailing list archives
Re: CVE Request: Jenkins possible remote code execution
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 07 Jan 2013 14:17:28 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 01/07/2013 11:25 AM, Salvatore Bonaccorso wrote:
Hi There was another advisory for Jenkins[1]. According to the advisory remote code execution should be possible. Could a CVE be assigned to this issue? [1]: https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04 Regards, Salvatore
Please use CVE-2013-0158 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJQ6ztoAAoJEBYNRVNeJnmT9y4P/iSZl8Ef/39XfzxUpcMIuc1t S0glo/s0SPpYwibcr+qTvbj8BKSANrwQorQTj8zJaOkSXr+j/YxP2PNDRRjbiJs1 y+f2kcL0XsO0NCn6SXDeX/zU8j+i/0m8L2oUJrIGHtOm39G6qery32oIV4Siv6Ox TeCuoesiApiIrhp6b/EmtOGGH7MtLecXpTYc5EorIaXGuuDUtNocVwBegbZHd3Pl QqglBzIaB8nGXZBODL8Cg/WC8UIy8NCB/pDl48ESwluLTZg2hYHdjch8QlvPMSU2 9cIior6zb9f331q9x6vOZu36U8mnQCQ8nq/ryqj5bPCuHX6RMrvVPL6VGQhOUVI3 wqR+buXhxMVf8LCixjVx07nv2OvaSmN27EP5+S6d1XXwxilI2FZaug8HeuPRIcv3 x8FdZYlrfR6BJobONJ/esdlS14Ec99kqJT6sbg053HcWHHLZUGTmfny1bq3eTKFL 85HfqDSi9OmMbahu2SJ9q9Q8s7gTtAAoqU85SnjNiSCf0jZUgPibjFTcPy/lFLPH uA8lzN7V5Ms76CeHEAXmLyClkGWRsU3cgCf6aoebzePPLUhFKPQmb00G4UU0NCPW IhFlsVGykBM37ulLW12+uDNoafRkWNdGPT23pdO60gGlbp33/0lNjeqVBC/8zw1T vKknCoUeBz307WpFbOUk =09WE -----END PGP SIGNATURE-----
Current thread:
- CVE Request: Jenkins possible remote code execution Salvatore Bonaccorso (Jan 07)
- Re: CVE Request: Jenkins possible remote code execution Kurt Seifried (Jan 07)