Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20141006153807.78aedd9d.reed@reedloden.com>
Date: Mon, 6 Oct 2014 15:38:07 -0700
From: Reed Loden <reed@...dloden.com>
To: Kohsuke Kawaguchi <kk@...suke.org>
Cc: oss-security@...ts.openwall.com
Subject: Re: Re: Security advisory in Jenkins

You wait and just generally not worry about it... MITRE will slowly
update them at some future point based on information they collect.

~reed

On Mon, 06 Oct 2014 15:26:10 -0700
Kohsuke Kawaguchi <kk@...suke.org> wrote:

> 
> I have another newbie question.
> 
> Someone told me that CVE website still shows these vulnerabilities as 
> "reserved", such as
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3666
> 
> What do I need to do to get that status updated? I checked FAQ 
> <http://cve.mitre.org/about/faqs.html> but didn't find any insights.
> 
> 
> On 10/01/2014 04:25 PM, Kohsuke Kawaguchi wrote:
> > Hello,
> >
> > I just wanted to share that the Jenkins project issued a security
> > advisory today. These issues are independently found and we've
> > aggregated into a single release.
> >
> > The relevant CVE IDs, our bug tracking IDs are available here
> > <https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01>.
> >
> > The new versions can be downloaded from here
> > <http://mirrors.jenkins-ci.org/>.
> >
> > (This is the first time I do this, so my apologies in advance for
> > probably failing to follow the expected format.)
> > --
> > Kohsuke Kawaguchi
> 
> 
> -- 
> Kohsuke Kawaguchi                          http://kohsuke.org/

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.