Back to bug 1036409
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2013-12-01 22:30:50 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2013-12-01 22:30:50 UTC | Doc Type | --- | Bug Fix |
| Kurt Seifried | 2013-12-01 22:31:32 UTC | CC | abaron, aortega, apevec, ayoung, bdunne, bgollahe, bkearney, bleanhar, briang, ccoleman, chrisw, cpelland, dallan, dmcphers, drieden, gkotton, hateya, jdetiber, jfrey, jialiu, jomara, jrafanie, kseifried, lhh, lmeyer, markmc, mmaslano, mmccune, obarenbo, pmyers, rbryant, sclewis, tdawson, tkramer, vondruch, xlecauch, yeylon | |
| Kurt Seifried | 2013-12-01 22:41:32 UTC | Blocks | 1036411 | |
| Kurt Seifried | 2013-12-01 22:44:25 UTC | Depends On | 1036412 | |
| Kurt Seifried | 2013-12-01 22:44:50 UTC | Depends On | 1036413 | |
| Kurt Seifried | 2013-12-01 22:45:37 UTC | Depends On | 1036414 | |
| Kurt Seifried | 2013-12-01 22:47:02 UTC | Depends On | 1036415 | |
| Kurt Seifried | 2013-12-01 22:47:43 UTC | Depends On | 1036416 | |
| Kurt Seifried | 2013-12-01 22:49:33 UTC | Depends On | 1036417 | |
| Kurt Seifried | 2013-12-01 22:52:54 UTC | Depends On | 1036418 | |
| Kurt Seifried | 2013-12-01 22:56:28 UTC | Depends On | 1036419 | |
| Kurt Seifried | 2013-12-01 22:59:03 UTC | Depends On | 1036420 | |
| Kurt Seifried | 2013-12-01 22:59:33 UTC | Depends On | 1036421 | |
| Tomas Hoger | 2013-12-02 17:29:06 UTC | Fixed In Version | rubygem-actionpack 3.2.16, rubygem-actionpack 4.0.2 | |
| | | Summary | EMBARGOED CVE-2013-6417 rubygem-actionpack: Unsafe Query Generation Risk in Ruby on Rails (incomplete fix for CVE-2013-0155) | EMBARGOED CVE-2013-6417 rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155) |
| | | Whiteboard | impact=important,public=no,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,fedora-all/rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-2/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,rhscl-1/rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,epel-5/rubygem-actionpack=new,openshift-1/rubygem-actionpack=new | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-2/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new |
| Tomas Hoger | 2013-12-02 20:12:36 UTC | Whiteboard | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-enterprise-2/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new |
| Jordan OMara | 2013-12-02 20:35:10 UTC | CC | cwolfe | |
| Tomas Hoger | 2013-12-03 09:31:45 UTC | Depends On | 1037487 | |
| Kurt Seifried | 2013-12-03 19:22:54 UTC | CC | dajohnso | |
| Tomas Hoger | 2013-12-04 08:44:49 UTC | Summary | EMBARGOED CVE-2013-6417 rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155) | CVE-2013-6417 rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155) |
| Tomas Hoger | 2013-12-04 08:45:02 UTC | Group | security, qe_staff | |
| John Skeoch | 2014-01-13 01:08:13 UTC | CC | hateya | |
| John Skeoch | 2014-03-17 02:02:32 UTC | CC | abaron | iheim |
| Kurt Seifried | 2014-04-11 18:41:17 UTC | Summary | CVE-2013-6417 rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013-0155) | CVE-2013-6417 rubygem-actionpack: unsafe query generation risk (incomplete fix for CVE-2013- 0155) |
| Kurt Seifried | 2014-05-07 05:07:18 UTC | Blocks | 1095075 | |
| John Skeoch | 2014-06-18 07:58:36 UTC | CC | tkramer | mmcgrath |
| John Skeoch | 2014-06-24 00:10:31 UTC | CC | dallan | |
| Kurt Seifried | 2014-10-28 23:09:51 UTC | Whiteboard | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new |
| Kurt Seifried | 2014-11-01 01:20:21 UTC | Depends On | 1159433 | |
| John Skeoch | 2014-11-09 22:57:15 UTC | CC | jomara | athomas |
| Kurt Seifried | 2014-11-18 20:44:39 UTC | Whiteboard | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new |
| Ján Rusnačko | 2014-11-21 16:20:27 UTC | CC | jrusnack | |
| | | Whiteboard | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new,cwe=CWE-89 |
| Kurt Seifried | 2015-01-21 08:08:08 UTC | Whiteboard | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-1/rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new,cwe=CWE-89 | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=wontfix,openshift-1/rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new,cwe=CWE-89 |
| Kurt Seifried | 2015-07-04 15:44:43 UTC | Blocks | 1239193 | |
| Kurt Seifried | 2015-07-04 15:47:03 UTC | Depends On | 1036414 | |
| Kurt Seifried | 2015-07-04 15:47:27 UTC | Depends On | 1036414 | |
| Kurt Seifried | 2015-07-04 15:48:17 UTC | Status | NEW | CLOSED |
| | | Resolution | --- | ERRATA |
| | | Last Closed | 2015-07-04 11:48:17 UTC | |
| Perry Myers | 2016-04-27 03:45:09 UTC | CC | pmyers | |
| Product Security DevOps Team | 2019-09-29 13:10:38 UTC | Whiteboard | impact=important,public=20131203,reported=20131201,source=distros,cvss2=6.4/AV:N/AC:L/Au:N/C:P/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,rhn_satellite_6/ruby193-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=wontfix,openshift-1/rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=new,cwe=CWE-89 | |
| Tomas Hoger | 2020-02-28 15:42:00 UTC | CC | hhorak, jorton, ruby-maint | |