Back to bug 1164659
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Murray McAllister | 2014-11-17 05:10:42 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2014-11-17 05:10:42 UTC | Doc Type | --- | Bug Fix |
| Murray McAllister | 2014-11-17 05:12:37 UTC | Fixed In Version | rubygem-actionpack 3.2.21, rubygem-actionpack 4.0.12, rubygem-actionpack 4.1.8 | |
| Murray McAllister | 2014-11-17 05:13:26 UTC | Whiteboard | impact=low,public=no,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=new,sam-1/ruby193-rubygem-actionpack=new,cfme-5/ruby193-rubygem-actionpack=new,rhscl-1/ror40-rubygem-actionpack=new,rhscl-1/ruby193-rubygem-actionpack=new,openstack-4/ruby193-rubygem-actionpack=new,openshift-1/ruby193-rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=affected | impact=low,public=no,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=new,sam-1/ruby193-rubygem-actionpack=new,cfme-5/ruby193-rubygem-actionpack=new,rhscl-1/ror40-rubygem-actionpack=new,rhscl-1/ruby193-rubygem-actionpack=new,openstack-4/ruby193-rubygem-actionpack=new,openshift-1/ruby193-rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=affected,cwe=CWE-22->CWE-200 |
| Murray McAllister | 2014-11-17 05:44:43 UTC | Blocks | 1164667 | |
| Kurt Seifried | 2014-11-17 16:56:46 UTC | Whiteboard | impact=low,public=no,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=new,sam-1/ruby193-rubygem-actionpack=new,cfme-5/ruby193-rubygem-actionpack=new,rhscl-1/ror40-rubygem-actionpack=new,rhscl-1/ruby193-rubygem-actionpack=new,openstack-4/ruby193-rubygem-actionpack=new,openshift-1/ruby193-rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=affected,cwe=CWE-22->CWE-200 | impact=low,public=no,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=new,sam-1/ruby193-rubygem-actionpack=new,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=new,rhscl-1/ruby193-rubygem-actionpack=new,openstack-4/ruby193-rubygem-actionpack=new,openshift-1/ruby193-rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=affected,cwe=CWE-22->CWE-200 |
| Kurt Seifried | 2014-11-17 17:10:12 UTC | Whiteboard | impact=low,public=no,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=new,sam-1/ruby193-rubygem-actionpack=new,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=new,rhscl-1/ruby193-rubygem-actionpack=new,openstack-4/ruby193-rubygem-actionpack=new,openshift-1/ruby193-rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=affected,cwe=CWE-22->CWE-200 | impact=low,public=20141117,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=new,sam-1/ruby193-rubygem-actionpack=new,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=new,rhscl-1/ruby193-rubygem-actionpack=new,openstack-4/ruby193-rubygem-actionpack=new,openshift-1/ruby193-rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=affected,cwe=CWE-22->CWE-200 |
| Kurt Seifried | 2014-11-17 17:11:08 UTC | Summary | EMBARGOED CVE-2014-7829 rubygem-actionpack: arbitrary file existence disclosure | CVE-2014-7829 rubygem-actionpack: arbitrary file existence disclosure |
| Kurt Seifried | 2014-11-17 17:11:10 UTC | Group | security, qe_staff | |
| Ján Rusnačko | 2014-11-18 09:42:31 UTC | CC | jrusnack | |
| Whiteboard | impact=low,public=20141117,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=new,sam-1/ruby193-rubygem-actionpack=new,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=new,rhscl-1/ruby193-rubygem-actionpack=new,openstack-4/ruby193-rubygem-actionpack=new,openshift-1/ruby193-rubygem-actionpack=new,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=affected,cwe=CWE-22->CWE-200 | impact=low,public=20141117,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=affected,rhscl-1/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected,cwe=CWE-22->CWE-200 | ||
| Ján Rusnačko | 2014-11-18 09:50:50 UTC | Depends On | 1165077 | |
| Ján Rusnačko | 2014-11-18 09:52:22 UTC | Summary | CVE-2014-7829 rubygem-actionpack: arbitrary file existence disclosure | CVE-2014-7829 rubygem-actionpack: incomplete fix for CVE-2014-7818, arbitrary file existence disclosure |
| Kurt Seifried | 2014-11-18 21:00:55 UTC | Depends On | 1165394 | |
| John Skeoch | 2015-01-04 22:49:22 UTC | CC | vdanen | |
| Vincent Danen | 2015-01-05 17:00:20 UTC | CC | vdanen | |
| Ján Rusnačko | 2015-01-21 13:54:41 UTC | Whiteboard | impact=low,public=20141117,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,sam-1/rubygem-actionpack=affected,sam-1/ruby193-rubygem-actionpack=affected,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=affected,rhscl-1/ruby193-rubygem-actionpack=affected,openstack-4/ruby193-rubygem-actionpack=affected,openshift-1/ruby193-rubygem-actionpack=affected,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected,cwe=CWE-22->CWE-200 | impact=low,public=20141117,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,cwe=CWE-22->CWE-200,sam-1/rubygem-actionpack=wontfix,sam-1/ruby193-rubygem-actionpack=wontfix,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=wontfix,rhscl-1/ruby193-rubygem-actionpack=wontfix,openstack-4/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected |
| Ján Rusnačko | 2015-01-21 13:54:48 UTC | Status | NEW | CLOSED |
| Resolution | --- | WONTFIX | ||
| Last Closed | 2015-01-21 08:54:48 UTC | |||
| Perry Myers | 2016-04-26 14:20:06 UTC | CC | pmyers | |
| Product Security DevOps Team | 2019-09-29 13:23:55 UTC | Whiteboard | impact=low,public=20141117,reported=20141117,source=distros,cvss2=5.0/AV:N/AC:L/Au:N/C:P/I:N/A:N,cwe=CWE-22->CWE-200,sam-1/rubygem-actionpack=wontfix,sam-1/ruby193-rubygem-actionpack=wontfix,cfme-5/ruby193-rubygem-actionpack=wontfix,rhscl-1/ror40-rubygem-actionpack=wontfix,rhscl-1/ruby193-rubygem-actionpack=wontfix,openstack-4/ruby193-rubygem-actionpack=wontfix,openshift-1/ruby193-rubygem-actionpack=wontfix,fedora-all/rubygem-actionpack=affected,epel-5/rubygem-actionpack=notaffected |
Back to bug 1164659