[Bug 1530463] New: CVE-2017-17485 jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) [fedora-all]
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1530463
Bug ID: 1530463
Summary: CVE-2017-17485 jackson-databind: Unsafe
deserialization due to incomplete black list
(incomplete fix for CVE-2017-15095) [fedora-all]
Product: Fedora
Version: 27
Component: jackson-databind
Keywords: Security, SecurityTracking
Severity: high
Priority: high
Assignee: puntogil(a)libero.it
Reporter: dmoppert(a)redhat.com
QA Contact: extras-qa(a)fedoraproject.org
CC: java-sig-commits(a)lists.fedoraproject.org,
lef(a)fedoraproject.org, puntogil(a)libero.it
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While only
one tracking bug has been filed, please correct all affected versions at
the same time. If you need to fix the versions independent of each other,
you may clone this bug as appropriate.
--
You are receiving this mail because:
You are on the CC list for the bug.
[Bug 1508110] CVE-2016-5002 xmlrpc: XML external entity vulnerability SSRF via a crafted DTD
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1508110
Mark Knowles <mknowles(a)redhat.com> changed:
What: CC
Removed: (none)
Added: bleanhar(a)redhat.com, ccoleman(a)redhat.com, dedgar(a)redhat.com, dmcphers(a)redhat.com, jgoulding(a)redhat.com, jkeck(a)redhat.com, kseifried(a)redhat.com

What: Whiteboard
Removed: impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=new,jbds-10/xmlrpc=new,fuse-6/camel-xmlrpc=new
Added: impact=moderate,public=20160524,reported=20160524,source=cve,cvss3=6.4/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N,cwe=CWE-352,fedora-all/xmlrpc=affected,rhel-5/xmlrpc=wontfix,rhel-6/xmlrpc3=wontfix,rhel-7/xmlrpc=wontfix,rhev-m-3/xmlrpc-common=wontfix,rhscl-3/rh-java-common-xmlrpc=affected,rhes-3/xmlrpc-common=wontfix,jbds-8/xmlrpc=new,jbds-10/xmlrpc=new,fuse-6/camel-xmlrpc=new,openshift-enterprise-3/xmlrpc-common=new
[Bug 1516791] New: CVE-2017-1000392 jenkins: Persisted XSS vulnerability in autocompletion suggestions
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1516791
Bug ID: 1516791
Summary: CVE-2017-1000392 jenkins: Persisted XSS vulnerability
in autocompletion suggestions
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: bleanhar(a)redhat.com, ccoleman(a)redhat.com,
dedgar(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
kseifried(a)redhat.com, mizdebsk(a)redhat.com,
msrb(a)redhat.com
Autocompletion suggestions for text fields were not escaped, resulting in a
persisted cross-site scripting vulnerability if the source for the suggestions
allowed specifying text that includes HTML metacharacters like less-than and
greater-than characters.
Known previously unsafe sources for these suggestions include the names of
loggers in the log recorder condition, and agent labels.
External References:
https://jenkins.io/security/advisory/2017-11-08/
[Bug 1516788] New: CVE-2017-1000391 jenkins: Unsafe use of user names as directory names
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1516788
Bug ID: 1516788
Summary: CVE-2017-1000391 jenkins: Unsafe use of user names as
directory names
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: low
Priority: low
Assignee: security-response-team(a)redhat.com
Reporter: anemec(a)redhat.com
CC: bleanhar(a)redhat.com, ccoleman(a)redhat.com,
dedgar(a)redhat.com, dmcphers(a)redhat.com,
java-sig-commits(a)lists.fedoraproject.org,
jgoulding(a)redhat.com, jkeck(a)redhat.com,
kseifried(a)redhat.com, mizdebsk(a)redhat.com,
msrb(a)redhat.com
Jenkins stores metadata related to people, which encompasses actual user
accounts, as well as users appearing in SCM, in directories corresponding to
the user ID on disk. These directories used the user ID for their name without
additional escaping. This potentially resulted in a number of problems, such as
the following:
1. User names consisting of a single forward slash would have their user record
stored in the parent directory; deleting this user deleted all user records.
2. User names containing character sequences such as .. could be used to
clobber other configuration files in Jenkins.
This is not limited to the Jenkins user database security realm; other security
realms such as LDAP may allow users to create user names that result in
problems in Jenkins.
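The unsafe pattern behind items 1 and 2, beside two ways of closing it (a strict single-component check, and a reversible escaping of the ID into a safe directory name), as an added example that is not Jenkins' own code: `USERS_DIR`, the function names and the percent-encoding scheme are assumptions chosen here, and the real fix in Jenkins may differ.

```python
import posixpath

# Constructed example root; real deployments use their own JENKINS_HOME layout.
USERS_DIR = "/var/lib/jenkins/users"

class UnsafeUserId(ValueError):
    """Raised when a user ID cannot be used as a single directory name."""

def unsafe_user_dir(base: str, user_id: str) -> str:
    """The pattern the advisory describes: the raw user ID becomes the directory
    name. "/" resolves to the users directory itself and ".." walks out of it."""
    return posixpath.normpath(base + "/" + user_id)

def safe_user_dir(base: str, user_id: str) -> str:
    """Hardened lookup: accept only IDs that form one plain path component, then
    confirm the resolved directory is a direct child of the users root."""
    if user_id in ("", ".", ".."):
        raise UnsafeUserId(f"reserved name: {user_id!r}")
    if any(c in user_id for c in "/\\\x00"):
        raise UnsafeUserId(f"path separator or NUL in ID: {user_id!r}")
    root = posixpath.normpath(base)
    candidate = posixpath.normpath(posixpath.join(root, user_id))
    if posixpath.dirname(candidate) != root or posixpath.basename(candidate) != user_id:
        raise UnsafeUserId(f"ID does not map to a child of {root}: {user_id!r}")
    return candidate

def accepts(base: str, user_id: str) -> bool:
    """True when safe_user_dir would store this ID under base."""
    try:
        safe_user_dir(base, user_id)
        return True
    except UnsafeUserId:
        return False

def escaped_dir_name(user_id: str) -> str:
    """Alternative fix: escape the ID so every user, whatever the realm allows,
    gets a distinct single-component directory. Bytes outside [A-Za-z0-9_-] are
    percent-encoded ("/" -> "%2F", ".." -> "%2E%2E"); the mapping is reversible."""
    out = []
    for ch in user_id:
        if (ch.isascii() and ch.isalnum()) or ch in "_-":
            out.append(ch)
        else:
            out.extend(f"%{b:02X}" for b in ch.encode("utf-8"))
    return "".join(out)
```

Rejecting instead of escaping is the simpler check but, as the advisory notes, external realms such as LDAP may hand Jenkins names it did not choose, so an escaping scheme keeps every account addressable.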
External References:
https://jenkins.io/security/advisory/2017-11-08/