From owner-svn-ports-head@FreeBSD.ORG Thu Feb 20 18:11:26 2014
Return-Path: PostgreSQL Project reports: This update fixes CVE-2014-0060, in which PostgreSQL did not
+ properly enforce the WITH ADMIN OPTION permission for ROLE management.
+ Before this fix, any member of a ROLE was able to grant others access
+ to the same ROLE regardless if the member was given the WITH ADMIN
+ OPTION permission. It also fixes multiple privilege escalation issues,
+ including: CVE-2014-0061, CVE-2014-0062, CVE-2014-0063, CVE-2014-0064,
+ CVE-2014-0065, and CVE-2014-0066. More information on these issues can
+ be found on our security page and the security issue detail wiki page.
+
+ With this release, we are also alerting users to a known security hole
+ that allows other users on the same machine to gain access to an
+ operating system account while it is doing "make check":
+ CVE-2014-0067. "Make check" is normally part of building PostgreSQL
+ from source code. As it is not possible to fix this issue without
+ causing significant issues to our testing infrastructure, a patch will
+ be released separately and publicly. Until then, users are strongly
+ advised not to run "make check" on machines where untrusted users have
+ accounts. iSECURITY-105 In some places, Jenkins XML API uses XStream to deserialize
- arbitrary content, which is affected by CVE-2013-7285 reported
- against XStream. This allows malicious users of Jenkins with
- a limited set of permissions to execute arbitrary code inside
- Jenkins master.
+
+
+
SECURITY-76 & SECURITY-88 / CVE-2013-5573
Restrictions of HTML tags for user-editable contents are too - lax. This allows malicious users of Jenkins to trick other - unsuspecting users into providing sensitive information.
+ lax. This allows malicious users of Jenkins to trick other + unsuspecting users into providing sensitive information.SECURITY-109
Plugging a hole in the earlier fix to SECURITY-55. Under some - circimstances, a malicious user of Jenkins can configure job - X to trigger another job Y that the user has no access to.
+ circimstances, a malicious user of Jenkins can configure job + X to trigger another job Y that the user has no access to.SECURITY-108
CLI job creation had a directory traversal vulnerability. This - allows a malicious user of Jenkins with a limited set of - permissions to overwrite files in the Jenkins master and - escalate privileges.
+ allows a malicious user of Jenkins with a limited set of + permissions to overwrite files in the Jenkins master and + escalate privileges.SECURITY-106
The embedded Winstone servlet container is susceptive to - session hijacking attack.
+ session hijacking attack.SECURITY-93
The password input control in the password parameter - definition in the Jenkins UI was serving the actual value of - the password in HTML, not an encrypted one. If a sensitive - value is set as the default value of such a parameter - definition, it can be exposed to unintended audience.
+ definition in the Jenkins UI was serving the actual value of + the password in HTML, not an encrypted one. If a sensitive + value is set as the default value of such a parameter + definition, it can be exposed to unintended audience.SECURITY-89
Deleting the user was not invalidating the API token, - allowing users to access Jenkins when they shouldn't be - allowed to do so.
+ allowing users to access Jenkins when they shouldn't be + allowed to do so.SECURITY-80
@@ -151,52 +205,52 @@ Note: Please add new entries to the begSECURITY-79
"Jenkins' own user database" was revealing the - presence/absence of users when login attempts fail.
+ presence/absence of users when login attempts fail.SECURITY-77
Jenkins had a cross-site scripting vulnerability in one of its - cookies. If Jenkins is deployed in an environment that allows - an attacker to override Jenkins cookies in victim's browser, - this vulnerability can be exploited.
+ cookies. If Jenkins is deployed in an environment that allows + an attacker to override Jenkins cookies in victim's browser, + this vulnerability can be exploited.SECURITY-75
Jenkins was vulnerable to session fixation attack. If Jenkins - is deployed in an environment that allows an attacker to - override Jenkins cookies in victim's browser, this - vulnerability can be exploited.
+ is deployed in an environment that allows an attacker to + override Jenkins cookies in victim's browser, this + vulnerability can be exploited.SECURITY-74
Stored XSS vulnerability. A malicious user of Jenkins with a - certain set of permissions can cause Jenkins to store - arbitrary HTML fragment.
+ certain set of permissions can cause Jenkins to store + arbitrary HTML fragment.SECURITY-73
Some of the system diagnostic functionalities were checking a - lesser permission than it should have. In a very limited - circumstances, this can cause an attacker to gain information - that he shouldn't have access to.
+ lesser permission than it should have. In a very limited + circumstances, this can cause an attacker to gain information + that he shouldn't have access to.Severity
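Review bot: in the PostgreSQL entry, the quoted advisory text says more information "can be found on our security page and the security issue detail wiki page", but no URL survives in the added lines; the entry's reference list should carry the upstream advisory URL and each CVE id named in the text (CVE-2014-0060 through CVE-2014-0067). This matters most for CVE-2014-0067, the "make check" issue, which the text explicitly says is not fixed by this release and for which users will need the upstream link to find the separately released patch.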
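Review bot: the SECURITY-109 and SECURITY-106 lines carry the original text's typos straight into the re-indented `+` copies: "circimstances" should read "circumstances", and "susceptive to session hijacking attack" should read "susceptible to a session hijacking attack". Since these lines are being rewritten anyway, fix them in the `+` copy rather than preserving the misspellings. In the same region, "exposed to unintended audience" in SECURITY-93 reads better as "exposed to an unintended audience".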
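Review bot: in the hunk starting at `@@ -151,52 +205,52 @@`, the SECURITY-73 text "In a very limited circumstances" is ungrammatical in both the `-` and `+` copies; change the `+` line to "In very limited circumstances". The SECURITY-77 and SECURITY-75 entries likewise say "in victim's browser", which should be "in the victim's browser". The header reports the same line count before and after (52 lines), consistent with a pure re-indentation, so these wording fixes are the only content changes worth making in this hunk.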