diff options
author | Li-Wen Hsu <lwhsu@FreeBSD.org> | 2022-02-10 16:00:36 +0000 |
---|---|---|
committer | Li-Wen Hsu <lwhsu@FreeBSD.org> | 2022-02-10 16:00:36 +0000 |
commit | 4cb4054476b28b5fd320a315f299e6a1645e99f3 (patch) | |
tree | ee6b83092d34bfca345528bf83b17c806514f80e | |
parent | f86825b0c9e891d0345f7ca11d1e368d66b5183a (diff) | |
download | ports-4cb4054476b28b5fd320a315f299e6a1645e99f3.tar.gz ports-4cb4054476b28b5fd320a315f299e6a1645e99f3.zip |
security/vuxml: Document Jenkins Security Advisory 2022-02-09
Sponsored by: The FreeBSD Foundation
-rw-r--r-- | security/vuxml/vuln-2022.xml | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index b820879240b6..279497a8eafc 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,36 @@ + <vuln vid="0b0ad196-1ee8-4a98-89b1-4d5d82af49a9"> + <topic>jenkins -- DoS vulnerability in bundled XStream library</topic> + <affects> + <package> + <name>jenkins</name> + <range><lt>2.334</lt></range> + </package> + <package> + <name>jenkins-lts</name> + <range><lt>2.319.3</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Jenkins Security Advisory:</p> + <blockquote cite="https://www.jenkins.io/security/advisory/2022-02-09/"> + <h1>Description</h1> + <h5>(Medium) SECURITY-2602 / CVE-2021-43859 (upstream issue), CVE-2022-0538 (Jenkins-specific converters)</h5> + <p>DoS vulnerability in bundled XStream library</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2021-43859</cvename> + <cvename>CVE-2022-0538</cvename> + <url>https://www.jenkins.io/security/advisory/2022-02-09/</url> + </references> + <dates> + <discovery>2022-02-09</discovery> + <entry>2022-02-10</entry> + </dates> + </vuln> + <vuln vid="ff5606f7-8a45-11ec-8be6-d4c9ef517024"> <topic>MariaDB -- Multiple vulnerabilities</topic> <affects> |