Back to bug 1036922
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Tomas Hoger | 2013-12-02 22:19:09 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2013-12-02 22:19:09 UTC | Doc Type | --- | Bug Fix |
| Tomas Hoger | 2013-12-02 22:20:06 UTC | CC | abaron, aortega, apevec, ayoung, bdunne, bgollahe, bkearney, bleanhar, briang, ccoleman, chrisw, cpelland, dallan, dmcphers, drieden, gkotton, hateya, jdetiber, jfrey, jialiu, jomara, jrafanie, kseifried, lhh, lmeyer, markmc, mmaslano, mmccune, obarenbo, pmyers, rbryant, sclewis, tdawson, tkramer, vondruch, xlecauch, yeylon | |
| Tomas Hoger | 2013-12-02 22:21:18 UTC | Whiteboard | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected |
| Tomas Hoger | 2013-12-03 09:13:24 UTC | Depends On | 1036420 | |
| Tomas Hoger | 2013-12-03 09:31:45 UTC | Depends On | 1037487 | |
| Tomas Hoger | 2013-12-03 09:33:18 UTC | Depends On | 1036421 | |
| Tomas Hoger | 2013-12-04 08:49:48 UTC | Summary | EMBARGOED CVE-2013-4491 rubygem-actionpack: i18n missing translation XSS | CVE-2013-4491 rubygem-actionpack: i18n missing translation XSS |
| Tomas Hoger | 2013-12-04 08:50:04 UTC | Group | security, qe_staff | |
| Tomas Hoger | 2013-12-05 21:56:32 UTC | Blocks | 1036411 | |
| Kurt Seifried | 2013-12-18 03:44:48 UTC | Depends On | 1036415 | |
| John Skeoch | 2014-01-13 01:08:21 UTC | CC | hateya | |
| John Skeoch | 2014-03-17 02:02:42 UTC | CC | abaron | iheim |
| John Skeoch | 2014-06-18 07:58:36 UTC | CC | tkramer | mmcgrath |
| Garth Mollett | 2014-06-23 13:12:34 UTC | CC | gmollett | |
| Whiteboard | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected | ||
| John Skeoch | 2014-06-24 00:10:42 UTC | CC | dallan | |
| Kurt Seifried | 2014-07-16 04:56:48 UTC | Depends On | 1120007 | |
| Kurt Seifried | 2014-07-16 04:57:07 UTC | Depends On | 1120008 | |
| Kurt Seifried | 2014-10-28 23:09:25 UTC | Whiteboard | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected |
| Kurt Seifried | 2014-11-01 01:24:52 UTC | Depends On | 1159440 | |
| Kurt Seifried | 2014-11-05 05:21:22 UTC | Whiteboard | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected |
| John Skeoch | 2014-11-09 22:57:15 UTC | CC | jomara | athomas |
| Kurt Seifried | 2014-11-13 06:10:06 UTC | Blocks | 1000138 | |
| Martin Prpič | 2014-11-14 16:20:49 UTC | Doc Text | It was discovered that the internationalization component of Ruby on Rails could, under certain circumstances, return a fallback HTML string that contained user input. A remote attacker could possibly use this flaw to perform a reflective cross-site scripting (XSS) attack by providing a specially crafted input to an application using the aforementioned component. | |
| Kurt Seifried | 2014-11-18 20:49:35 UTC | Depends On | 1165370 | |
| Kurt Seifried | 2014-11-18 20:49:40 UTC | Depends On | 1165371 | |
| Ján Rusnačko | 2014-11-21 09:08:04 UTC | CC | jrusnack | |
| Whiteboard | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected,cwe=CWE-79 | ||
| Kurt Seifried | 2015-01-17 05:35:48 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2015-01-17 00:35:48 UTC | |||
| Perry Myers | 2016-04-26 14:06:44 UTC | CC | pmyers | |
| Product Security DevOps Team | 2019-09-29 13:10:38 UTC | Whiteboard | impact=moderate,public=20131203,reported=20131201,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-actionpack=affected,rhscl-1.1/ruby200-rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,sam-1/rubygem-actionpack=affected,openshift-enterprise-1/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=affected,openshift-1/rubygem-actionpack=affected,openstack-3/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=notaffected,rhn_satellite_6/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected,cwe=CWE-79 | |
| Tomas Hoger | 2020-02-28 15:46:15 UTC | CC | hhorak, jorton, ruby-maint |
Back to bug 1036922