https://bugzilla.redhat.com/show_bug.cgi?id=1205632
Bug ID: 1205632
Summary: CVE-2015-1811 jenkins: External entity processing in XML can reveal sensitive local files (SECURITY-167)
Product: Security Response
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team@redhat.com
Reporter: vkaigoro@redhat.com
CC: bleanhar@redhat.com, ccoleman@redhat.com, dmcphers@redhat.com, java-sig-commits@lists.fedoraproject.org, jdetiber@redhat.com, jialiu@redhat.com, jkeck@redhat.com, joelsmith@redhat.com, jokerman@redhat.com, kseifried@redhat.com, lmeyer@redhat.com, mmccomas@redhat.com, msrb@redhat.com
This vulnerability allows attackers to craft malicious XML documents and feed them to Jenkins, which causes Jenkins to retrieve arbitrary XML documents on the server, resulting in the exposure of sensitive information inside or outside Jenkins.
External References:
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-...
https://bugzilla.redhat.com/show_bug.cgi?id=1205632
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What      |Removed |Added
----------+--------+--------
Blocks    |        |1205634
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What      |Removed |Added
----------+--------+--------
Depends On|        |1205637
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1205637 [Bug 1205637] CVE-2015-1806 CVE-2015-1807 CVE-2015-1813 CVE-2015-1812 CVE-2015-1810 CVE-2015-1808 CVE-2015-1809 CVE-2015-1814 jenkins: various flaws [fedora-all]
Vasyl Kaigorodov vkaigoro@redhat.com changed:
What      |Removed |Added
----------+--------+--------
Depends On|        |1205638
--- Comment #2 from Vasyl Kaigorodov vkaigoro@redhat.com ---
Created jenkins tracking bugs for this issue:
Affects: fedora-all [bug 1205637]
Bug 1205632 depends on bug 1205637, which changed state.
Bug 1205637 Summary: CVE-2015-1806 CVE-2015-1807 CVE-2015-1813 CVE-2015-1812 CVE-2015-1811 CVE-2015-1810 CVE-2015-1808 CVE-2015-1809 CVE-2015-1814 jenkins: various flaws [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1205637
What      |Removed |Added
----------+--------+--------
Status    |ON_QA   |CLOSED
Resolution|---     |ERRATA
--- Comment #3 from Fedora Update System updates@fedoraproject.org --- jenkins-1.590-3.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
--- Comment #4 from Fedora Update System updates@fedoraproject.org --- jenkins-1.606-1.fc22, jffi-1.2.7-5.fc22, jenkins-executable-war-1.29-4.fc22 have been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Kurt Seifried kseifried@redhat.com changed:
What      |Removed |Added
----------+--------+--------
Depends On|        |1248781
--- Doc Text *updated* by Kurt Seifried kseifried@redhat.com --- It was found that Jenkins XML handling allows XML External Entity (XXE) expansion. A remote attacker with the ability to pass XML data to Jenkins could use this flaw to read arbitrary XML files on the Jenkins server.
--- Doc Text *updated* by Martin Prpic mprpic@redhat.com --- It was found that Jenkins' XML handling allowed XML External Entity (XXE) expansion. A remote attacker with the ability to pass XML data to Jenkins could use this flaw to read arbitrary XML files on the Jenkins server.
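The doc text above, like the original description, comes down to one parser setting: a JAXP parser that honours DOCTYPE declarations will resolve external entities, so any component that parses attacker-supplied XML can be made to read server-local files. The following is an added example of the defensive configuration, written here for this page; it is not Jenkins' own fix and is not code from the bug report. It uses the standard Apache Xerces/JAXP feature URIs, and the class name, method names and sample documents are assumptions constructed for the illustration.

```java
import java.io.StringReader;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

// Hypothetical helper for this example; not part of Jenkins.
public final class SafeXmlParser {

    // Builds a DocumentBuilder that refuses DOCTYPE declarations and never
    // fetches external entities or DTDs, so a document cannot direct the
    // parser to read files on the server (CWE-611, the weakness in this bug).
    public static DocumentBuilder hardenedBuilder() throws ParserConfigurationException {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        // Primary control: reject any DOCTYPE, so no entity can be declared at all.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        // Defence in depth for parsers that ignore the feature above.
        dbf.setFeature("http://xml.org/sax/features/external-general-entities", false);
        dbf.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        dbf.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);
        return dbf.newDocumentBuilder();
    }

    // Parses untrusted XML text; a document carrying a DOCTYPE is rejected with
    // a SAXException before any entity could be resolved.
    public static Document parseUntrusted(String xml) throws Exception {
        return hardenedBuilder().parse(new InputSource(new StringReader(xml)));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: an ordinary config-style document is accepted.
        String plain = "<project><description>build job</description></project>";
        System.out.println("plain document root: "
                + parseUntrusted(plain).getDocumentElement().getTagName());

        // Constructed sample input: the same document with a DOCTYPE prepended.
        // The entity is a harmless local placeholder; the hardened builder
        // rejects the DOCTYPE itself, which is what blocks external entities.
        String withDoctype = "<!DOCTYPE project [<!ENTITY note \"placeholder\">]>"
                + "<project><description>&note;</description></project>";
        try {
            parseUntrusted(withDoctype);
            System.out.println("unexpected: DOCTYPE was accepted");
        } catch (SAXException e) {
            System.out.println("rejected as expected: " + e.getMessage());
        }
    }
}
```

The same feature flags apply to SAXParserFactory and, with the corresponding properties, to XMLInputFactory for StAX; the point to verify in a code review is that every parser instance handling data from outside the trust boundary has DOCTYPE processing disabled, since a single factory created with defaults is enough to reintroduce the flaw.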
Kurt Seifried kseifried@redhat.com changed:
What      |Removed |Added
----------+--------+--------
Whiteboard
  Removed: impact=moderate,public=20150227,reported=20150325,source=internet,cvss2=3.5/AV:N/AC:M/Au:S/C:P/I:N/A:N,fedora-all/jenkins=affected,openshift-enterprise-2/jenkins=affected,openshift-1/jenkins=affected
  Added:   impact=moderate,public=20150227,reported=20150325,source=internet,cvss2=3.5/AV:N/AC:M/Au:S/C:P/I:N/A:N,cwe=611,fedora-all/jenkins=affected,openshift-enterprise-2/jenkins=affected,openshift-1/jenkins=affected
Kurt Seifried kseifried@redhat.com changed:
What      |Removed |Added
----------+--------+--------
Whiteboard
  Removed: impact=moderate,public=20150227,reported=20150325,source=internet,cvss2=3.5/AV:N/AC:M/Au:S/C:P/I:N/A:N,cwe=611,fedora-all/jenkins=affected,openshift-enterprise-2/jenkins=affected,openshift-1/jenkins=affected
  Added:   impact=moderate,public=20150227,reported=20150325,source=internet,cvss2=3.5/AV:N/AC:M/Au:S/C:P/I:N/A:N,cwe=CWE-611,fedora-all/jenkins=affected,openshift-enterprise-2/jenkins=affected,openshift-1/jenkins=affected
--- Comment #7 from errata-xmlrpc errata-xmlrpc@redhat.com --- This issue has been addressed in the following products:
RHEL 6 Version of OpenShift Enterprise 2.2
Via RHSA-2015:1844 https://rhn.redhat.com/errata/RHSA-2015-1844.html
Kurt Seifried kseifried@redhat.com changed:
What       |Removed |Added
-----------+--------+--------------------
Status     |NEW     |CLOSED
Resolution |---     |ERRATA
Last Closed|        |2015-09-30 12:43:31