svn commit: r474916 - head/security/vuxml
Li-Wen Hsu
lwhsu at FreeBSD.org
Wed Jul 18 23:15:45 UTC 2018
Author: lwhsu
Date: Wed Jul 18 23:15:43 2018
New Revision: 474916
URL: https://svnweb.freebsd.org/changeset/ports/474916
Log:
Update CVE number of 20a1881e-8a9e-11e8-bddf-d017c2ca229d
Sponsored by: The FreeBSD Foundation
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Jul 18 23:13:29 2018 (r474915)
+++ head/security/vuxml/vuln.xml Wed Jul 18 23:15:43 2018 (r474916)
@@ -75,24 +75,31 @@ Notes:
<p>Jenkins Security Advisory:</p>
<blockquote cite="https://jenkins.io/security/advisory/2018-07-18/">
<h1>Description</h1>
- <h5>(High) SECURITY-897 / CVE pending</h5>
+ <h5>(High) SECURITY-897 / CVE-2018-1999001</h5>
<p>Users without Overall/Read permission can have Jenkins reset parts of global configuration on the next restart </p>
- <h5>(High) SECURITY-914 / CVE pending</h5>
+ <h5>(High) SECURITY-914 / CVE-2018-1999002</h5>
<p>Arbitrary file read vulnerability</p>
- <h5>(Medium) SECURITY-891 / CVE pending</h5>
+ <h5>(Medium) SECURITY-891 / CVE-2018-1999003</h5>
<p>Unauthorized users could cancel queued builds</p>
- <h5>(Medium) SECURITY-892 / CVE pending</h5>
+ <h5>(Medium) SECURITY-892 / CVE-2018-1999004</h5>
<p>Unauthorized users could initiate and abort agent launches</p>
- <h5>(Medium) SECURITY-944 / CVE pending</h5>
+ <h5>(Medium) SECURITY-944 / CVE-2018-1999005</h5>
<p>Stored XSS vulnerability</p>
- <h5>(Medium) SECURITY-925 / CVE pending</h5>
+ <h5>(Medium) SECURITY-925 / CVE-2018-1999006</h5>
<p>Unauthorized users are able to determine when a plugin was extracted from its JPI package</p>
- <h5>(Medium) SECURITY-390 / CVE pending</h5>
+ <h5>(Medium) SECURITY-390 / CVE-2018-1999007</h5>
<p>XSS vulnerability in Stapler debug mode</p>
</blockquote>
</body>
</description>
<references>
+ <cvename>CVE-2018-1999001</cvename>
+ <cvename>CVE-2018-1999002</cvename>
+ <cvename>CVE-2018-1999003</cvename>
+ <cvename>CVE-2018-1999004</cvename>
+ <cvename>CVE-2018-1999005</cvename>
+ <cvename>CVE-2018-1999006</cvename>
+ <cvename>CVE-2018-1999007</cvename>
<url>https://jenkins.io/security/advisory/2018-07-18/</url>
</references>
<dates>
More information about the svn-ports-all
mailing list