Back to bug 1030807
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Huzaifa S. Sidhpurwala | 2013-11-15 08:19:00 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2013-11-15 08:19:00 UTC | Doc Type | --- | Bug Fix |
| Huzaifa S. Sidhpurwala | 2013-11-15 08:19:17 UTC | CC | emaldona, jkurik, pfrields | |
| Huzaifa S. Sidhpurwala | 2013-11-15 08:24:03 UTC | Blocks | 1030811 | |
| Tomas Hoger | 2013-11-15 14:10:44 UTC | CC | jkurik, pfrields | kengert, rrelyea |
| Fixed In Version | nss 3.14.5, nss 3.15.3 | |||
| Summary | EMBARGOED CVE-2013-5605 nss: Null_Cipher (used during handshake) does not respect maxOutputLen | EMBARGOED CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen | ||
| Whiteboard | impact=moderate,public=no,reported=20131115,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected | impact=moderate,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected | ||
| Tomas Hoger | 2013-11-15 14:12:36 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen | CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen | ||
| Huzaifa S. Sidhpurwala | 2013-11-18 02:58:00 UTC | Whiteboard | impact=moderate,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected |
| Huzaifa S. Sidhpurwala | 2013-11-18 03:32:38 UTC | Depends On | 1031463 | |
| Tomas Hoger | 2013-11-18 08:18:33 UTC | Priority | medium | high |
| Severity | medium | high | ||
| Huzaifa S. Sidhpurwala | 2013-11-19 05:31:31 UTC | Depends On | 1031897 | |
| Huzaifa S. Sidhpurwala | 2013-11-20 09:31:08 UTC | Summary | CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen | CVE-2013-5605 nss: Null_Cipher() does not respect maxOutputLen (MFSA 2013-103) |
| Huzaifa S. Sidhpurwala | 2013-11-20 09:32:32 UTC | Depends On | 1032466 | |
| Huzaifa S. Sidhpurwala | 2013-11-20 09:33:12 UTC | Depends On | 1032468 | |
| Huzaifa S. Sidhpurwala | 2013-11-20 09:33:55 UTC | Depends On | 1032470 | |
| Huzaifa S. Sidhpurwala | 2013-11-20 09:34:24 UTC | Depends On | 1032472 | |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:09:02 UTC | Whiteboard | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-6/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-6.rhel-7/nss=affected,fedora-all/nss=affected |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:12:12 UTC | Whiteboard | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-6.rhel-7/nss=affected,fedora-all/nss=affected | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-6,rhel-7/nss=affected,fedora-all/nss=affected |
| Tomas Hoger | 2013-11-28 09:23:14 UTC | Whiteboard | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-6,rhel-7/nss=affected,fedora-all/nss=affected | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:24:37 UTC | Depends On | 1035654 | |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:25:01 UTC | Depends On | 1035655 | |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:25:27 UTC | Depends On | 1035656 | |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:25:51 UTC | Depends On | 1035658 | |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:26:28 UTC | Depends On | 1035659 | |
| Huzaifa S. Sidhpurwala | 2013-11-28 09:26:53 UTC | Depends On | 1035660 | |
| Barry Gestwicki | 2013-12-02 15:10:30 UTC | CC | barrygestwicki | |
| Elio Maldonado Batiz | 2013-12-05 22:38:56 UTC | Status | NEW | MODIFIED |
| Fixed In Version | nss 3.14.5, nss 3.15.3 | nss-3.15.3-2.el6_5 | ||
| Huzaifa S. Sidhpurwala | 2013-12-06 02:34:26 UTC | Status | MODIFIED | NEW |
| Vincent Danen | 2015-08-24 15:41:23 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2015-08-24 11:41:23 UTC | |||
| Vincent Danen | 2015-10-15 18:04:49 UTC | Whiteboard | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-7/nss=affected,fedora-all/nss=affected | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-7/nss=notaffected,fedora-all/nss=affected |
| Product Security DevOps Team | 2019-09-29 13:09:54 UTC | Whiteboard | impact=important,public=20131113,reported=20131114,source=internet,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/nss=affected,rhel-5.9.z/nss=affected,rhel-5.6.z/nss=affected,rhel-5.3.z/nss=affected,rhel-6/nss=affected,rhel-6.4.z/nss=affected,rhel-6.3.z/nss=affected,rhel-6.2.z/nss=affected,rhel-7/nss=notaffected,fedora-all/nss=affected |
Back to bug 1030807