Back to bug 1114425
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Murray McAllister | 2014-06-30 04:44:27 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2014-06-30 04:44:27 UTC | Doc Type | --- | Bug Fix |
| Murray McAllister | 2014-06-30 05:03:59 UTC | Blocks | 1114429 | |
| Tomas Hoger | 2014-07-01 08:56:25 UTC | CC | jrusnack | |
| Tomas Hoger | 2014-07-02 08:32:36 UTC | Depends On | 1115332 | |
| Tomas Hoger | 2014-07-02 08:32:47 UTC | Depends On | 1115334 | |
| Kurt Seifried | 2014-07-02 17:37:07 UTC | Whiteboard | impact=moderate,public=no,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=new,rhscl-1/ruby193-rubygem-activerecord=affected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=new,rhscl-1/ruby193-rubygem-activerecord=affected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected |
| Kurt Seifried | 2014-07-02 17:38:17 UTC | Summary | EMBARGOED CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting | CVE-2014-3482 rubygem-activerecord: SQL injection vulnerability in 'bitstring' quoting |
| Kurt Seifried | 2014-07-02 17:38:20 UTC | Group | security, qe_staff | |
| Kurt Seifried | 2014-07-02 19:03:26 UTC | Depends On | 1115628 | |
| Kurt Seifried | 2014-07-02 19:03:32 UTC | Depends On | 1115629 | |
| Kurt Seifried | 2014-07-02 19:46:20 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=new,rhscl-1/ruby193-rubygem-activerecord=affected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=notaffected,rhscl-1/ror40-rubygem-activerecord=new,rhscl-1/ruby193-rubygem-activerecord=affected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected |
| Murray McAllister | 2014-07-03 06:07:48 UTC | Depends On | 1115775 | |
| Murray McAllister | 2014-07-03 06:08:16 UTC | Depends On | 1115776 | |
| Tomas Hoger | 2014-07-03 06:52:18 UTC | Fixed In Version | rubygem-activerecord 3.2.19, rubygem-activerecord 4.0.0 | |
| Tomas Hoger | 2014-07-03 07:07:54 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=notaffected,rhscl-1/ror40-rubygem-activerecord=new,rhscl-1/ruby193-rubygem-activerecord=affected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected |
| Tomas Hoger | 2014-07-03 07:08:27 UTC | CC | bkabrda, jstribny, kanarip, katello-bugs, mastahnke, mmorsi, mtasaka, rhos-maint, sseago | |
| Martin Prpič | 2014-07-14 09:26:39 UTC | Doc Text | It was discovered that Active Record did not properly quote values of the bitstring type attributes when using the PostgreSQL database adapter. A remote attacker could possibly use this flaw to conduct an SQL injection attack against applications using Active Record. | |
| Dan Clarizio | 2014-08-18 15:36:17 UTC | CC | mpovolny | |
| Kurt Seifried | 2014-09-18 03:36:56 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=affected,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected |
| Kurt Seifried | 2014-09-18 03:46:08 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=affected,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected |
| Kurt Seifried | 2014-09-18 03:48:14 UTC | Depends On | 1143801 | |
| Garth Mollett | 2014-10-07 07:35:23 UTC | CC | gmollett | |
| Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=affected,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected | ||
| Ján Rusnačko | 2014-10-20 11:59:43 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cwe=CWE-89 |
| Kurt Seifried | 2014-10-28 23:04:43 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=defer,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cwe=CWE-89 | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cwe=CWE-89 |
| Kurt Seifried | 2014-11-06 07:02:22 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=defer,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cwe=CWE-89 | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=wontfix,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cwe=CWE-89 |
| Tomas Hoger | 2014-11-06 09:45:46 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2014-11-06 04:45:46 UTC | |||
| John Skeoch | 2015-01-04 22:40:41 UTC | CC | vdanen | |
| Perry Myers | 2016-04-26 14:09:14 UTC | CC | pmyers | |
| Product Security DevOps Team | 2019-09-29 13:19:27 UTC | Whiteboard | impact=moderate,public=20140702,reported=20140630,source=distros,cvss2=4.3/AV:N/AC:M/Au:N/C:N/I:P/A:N,rhscl-1/ruby193-rubygem-activerecord=affected,rhscl-1/ror40-rubygem-activerecord=notaffected,sam-1/ruby193-rubygem-activerecord=wontfix,cfme-5/ruby193-rubygem-activerecord=notaffected,openstack-3/ruby193-rubygem-activerecord=wontfix,openstack-4/ruby193-rubygem-activerecord=affected,openshift-enterprise-1/ruby193-rubygem-activerecord=wontfix,openshift-1/ruby193-rubygem-activerecord=affected,fedora-19/rubygem-activerecord=affected,fedora-20/rubygem-activerecord=notaffected,epel-5/rubygem-activerecord=affected,cwe=CWE-89 |
Back to bug 1114425