oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Security advisory in Jenkins

From: Reed Loden <reed () reedloden com>
Date: Mon, 6 Oct 2014 15:38:07 -0700
You wait and just generally not worry about it... MITRE will slowly
update them at some future point based on information they collect.

~reed

On Mon, 06 Oct 2014 15:26:10 -0700
Kohsuke Kawaguchi <kk () kohsuke org> wrote:



I have another newbie question.

Someone told me that CVE website still shows these vulnerabilities as 
"reserved", such as
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3666

What do I need to do to get that status updated? I checked FAQ 
<http://cve.mitre.org/about/faqs.html> but didn't find any insights.


On 10/01/2014 04:25 PM, Kohsuke Kawaguchi wrote:

Hello,

I just wanted to share that the Jenkins project issued a security
advisory today. These issues are independently found and we've
aggregated into a single release.

The relevant CVE IDs, our bug tracking IDs are available here
<https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01>.

The new versions can be downloaded from here
<http://mirrors.jenkins-ci.org/>.

(This is the first time I do this, so my apologies in advance for
probably failing to follow the expected format.)
--
Kohsuke Kawaguchi



-- 
Kohsuke Kawaguchi                          http://kohsuke.org/
Previous By Date Next
Previous By Thread Next

Current thread: