Back to bug 1298949
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Tomas Hoger | 2016-01-15 13:39:03 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-15 13:39:03 UTC | Doc Type | --- | Bug Fix |
| Tomas Hoger | 2016-01-15 13:39:09 UTC | Blocks | 1295699 | |
| Tomas Hoger | 2016-01-18 20:06:38 UTC | Doc Text | It was discovered that the password-based encryption (PBE) implementation in the Libraries component in OpenJDK used an incorrect key length. This could, in certain cases, lead to generation of keys that were weaker than expected. | |
| Tomas Hoger | 2016-01-19 21:52:11 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-0475 OpenJDK: PBE incorrect key lengths (Libraries, 8138589) | CVE-2016-0475 OpenJDK: PBE incorrect key lengths (Libraries, 8138589) | ||
| Tomas Hoger | 2016-01-19 22:34:19 UTC | Whiteboard | impact=moderate,public=20160119,reported=20160112,source=oracle,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/java-1.6.0-openjdk=notaffected,rhel-6/java-1.6.0-openjdk=notaffected,rhel-7/java-1.6.0-openjdk=notaffected,rhel-5/java-1.7.0-openjdk=notaffected,rhel-6/java-1.7.0-openjdk=notaffected,rhel-7/java-1.7.0-openjdk=notaffected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected | impact=moderate,public=20160119,reported=20160112,source=oracle,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/java-1.6.0-openjdk=notaffected,rhel-6/java-1.6.0-openjdk=notaffected,rhel-7/java-1.6.0-openjdk=notaffected,rhel-5/java-1.7.0-openjdk=notaffected,rhel-6/java-1.7.0-openjdk=notaffected,rhel-7/java-1.7.0-openjdk=notaffected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected |
| Tomas Hoger | 2016-01-29 12:06:33 UTC | Whiteboard | impact=moderate,public=20160119,reported=20160112,source=oracle,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/java-1.6.0-openjdk=notaffected,rhel-6/java-1.6.0-openjdk=notaffected,rhel-7/java-1.6.0-openjdk=notaffected,rhel-5/java-1.7.0-openjdk=notaffected,rhel-6/java-1.7.0-openjdk=notaffected,rhel-7/java-1.7.0-openjdk=notaffected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected | impact=moderate,public=20160119,reported=20160112,source=oracle,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/java-1.6.0-openjdk=notaffected,rhel-6/java-1.6.0-openjdk=notaffected,rhel-7/java-1.6.0-openjdk=notaffected,rhel-5/java-1.7.0-openjdk=notaffected,rhel-6/java-1.7.0-openjdk=notaffected,rhel-7/java-1.7.0-openjdk=notaffected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-ibm=affected |
| Tomas Hoger | 2016-02-02 15:20:56 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-02-02 10:20:56 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:42:36 UTC | Whiteboard | impact=moderate,public=20160119,reported=20160112,source=oracle,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/java-1.6.0-openjdk=notaffected,rhel-6/java-1.6.0-openjdk=notaffected,rhel-7/java-1.6.0-openjdk=notaffected,rhel-5/java-1.7.0-openjdk=notaffected,rhel-6/java-1.7.0-openjdk=notaffected,rhel-7/java-1.7.0-openjdk=notaffected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-ibm=affected |
Back to bug 1298949