oss-sec mailing list archives
Re: Security advisory in Jenkins
From: Solar Designer <solar () openwall com>
Date: Thu, 2 Oct 2014 06:20:52 +0400
On Thu, Oct 02, 2014 at 06:11:27AM +0400, Solar Designer wrote:
Many of these issues were brought to the distros list on Fri Sep 26 17:10:16 2014 UTC, and got their CVE IDs assigned there. However, CVE-2013-2186 was not among those. I don't know why the old CVE ID, nor how that issue was handled.
Looks like it was already public in 2013: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2186 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2186 (and in many other places). I guess it was just not mentioned in an upstream advisory before, hence the mention now? Alexander
Current thread:
- Security advisory in Jenkins Kohsuke Kawaguchi (Oct 01)
- Re: Security advisory in Jenkins Solar Designer (Oct 01)
- Re: Security advisory in Jenkins Bryan Drewery (Oct 01)
- Re: Security advisory in Jenkins Solar Designer (Oct 01)
- Re: Security advisory in Jenkins Solar Designer (Oct 01)
- Re: Security advisory in Jenkins Kohsuke Kawaguchi (Oct 03)
- Re: Security advisory in Jenkins Luca Carettoni (Oct 03)
- Re: Security advisory in Jenkins Bryan Drewery (Oct 07)
- Re: Security advisory in Jenkins Kohsuke Kawaguchi (Oct 07)
- Re: Security advisory in Jenkins Solar Designer (Oct 01)
- Re: Re: Security advisory in Jenkins Reed Loden (Oct 06)
- Re: Re: Security advisory in Jenkins Kurt Seifried (Oct 06)