Date: Mon, 6 Oct 2014 15:38:07 -0700 From: Reed Loden <reed@...dloden.com> To: Kohsuke Kawaguchi <kk@...suke.org> Cc: oss-security@...ts.openwall.com Subject: Re: Re: Security advisory in Jenkins You wait and just generally not worry about it... MITRE will slowly update them at some future point based on information they collect. ~reed On Mon, 06 Oct 2014 15:26:10 -0700 Kohsuke Kawaguchi <kk@...suke.org> wrote: > > I have another newbie question. > > Someone told me that CVE website still shows these vulnerabilities as > "reserved", such as > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3666 > > What do I need to do to get that status updated? I checked FAQ > <http://cve.mitre.org/about/faqs.html> but didn't find any insights. > > > On 10/01/2014 04:25 PM, Kohsuke Kawaguchi wrote: > > Hello, > > > > I just wanted to share that the Jenkins project issued a security > > advisory today. These issues are independently found and we've > > aggregated into a single release. > > > > The relevant CVE IDs, our bug tracking IDs are available here > > <https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01>. > > > > The new versions can be downloaded from here > > <http://mirrors.jenkins-ci.org/>. > > > > (This is the first time I do this, so my apologies in advance for > > probably failing to follow the expected format.) > > -- > > Kohsuke Kawaguchi > > > -- > Kohsuke Kawaguchi http://kohsuke.org/
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.