Add warnings for 2023-10-18 security advisory

jenkins-infra · Oct 18, 2023 · 4200956 · 4200956 · MarkEWaite · Oct 29, 2023
1 parent 4aced13
commit 4200956
Showing 1 changed file with 17 additions and 0 deletions.
diff --git a/resources/warnings.json b/resources/warnings.json
@@ -17181,5 +17181,22 @@
         "pattern": "(1|2[.][0-3]|2[.]4[.][01])(|[.-].+)"
       }
     ]
+  },
+  {
+    "id": "core-2_428",
+    "type": "core",
+    "name": "core",
+    "message": "HTTP/2 denial of service vulnerabilities in bundled Jetty",
+    "url": "https://www.jenkins.io/security/advisory/2023-10-18/",
+    "versions": [
+      {
+        "lastVersion": "2.427",
+        "pattern": "(1|2[.][0-9]|2[.]1[0-9]|2[.]10[0-9]|2[.]11[0-9]|2[.]12[0-9]|2[.]13[0-8]|2[.]14[0-9]|2[.]15[0-9]|2[.]16[0-9]|2[.]17[0-9]|2[.]18[012345679]|2[.]19[0-9]|2[.]2[0-9]|2[.]20[0-9]|2[.]21[012345789]|2[.]22[0-9]|2[.]23[0-9]|2[.]24[0-9]|2[.]25[0-9]|2[.]26[0-9]|2[.]27[0-9]|2[.]28[0-9]|2[.]29[0-9]|2[.]3[0-9]|2[.]30[0-9]|2[.]31[1-9]|2[.]32[0-9]|2[.]33[0-9]|2[.]34[0-9]|2[.]35[0456789]|2[.]36[0-9]|2[.]37[0-9]|2[.]38[0-9]|2[.]39[0-9]|2[.]4[0-9]|2[.]40[012345679]|2[.]41[012356789]|2[.]42[0-7]|2[.]5[0-9]|2[.]6[0-9]|2[.]7[0-9]|2[.]8[0-9]|2[.]9[0-9])(|[.-].+)|(2[.]414)"
+      },
+      {
+        "lastVersion": "LTS 2.414.2",
+        "pattern": "(1|2[.]107|2[.]121|2[.]138|2[.]150|2[.]164|2[.]176|2[.]19|2[.]190|2[.]204|2[.]222|2[.]235|2[.]249|2[.]263|2[.]277|2[.]289|2[.]303|2[.]319|2[.]32|2[.]332|2[.]346|2[.]361|2[.]375|2[.]387|2[.]401|2[.]414[.][12]|2[.]46|2[.]60|2[.]7|2[.]73|2[.]89)(|[.-].+)"
+      }
+    ]
   }
 ]