Back to bug 1301846
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Huzaifa S. Sidhpurwala | 2016-01-26 07:32:55 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-01-26 07:32:55 UTC | Doc Type | --- | Bug Fix |
| Huzaifa S. Sidhpurwala | 2016-01-26 07:35:47 UTC | Blocks | 1301847 | |
| Huzaifa S. Sidhpurwala | 2016-01-26 07:36:54 UTC | Depends On | 1301848 | |
| Huzaifa S. Sidhpurwala | 2016-01-26 07:37:02 UTC | Depends On | 1301849 | |
| Huzaifa S. Sidhpurwala | 2016-01-26 07:37:13 UTC | Depends On | 1301850 | |
| Huzaifa S. Sidhpurwala | 2016-01-26 07:37:23 UTC | Depends On | 1301851 | |
| Huzaifa S. Sidhpurwala | 2016-01-26 07:37:33 UTC | Depends On | 1301852 | |
| Huzaifa S. Sidhpurwala | 2016-01-28 08:41:15 UTC | Whiteboard | impact=moderate,public=no,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-6/openssl=affected,rhel-7/openssl=affected,fedora-all/openssl=affected | impact=low,public=no,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-6/openssl=affected,rhel-7/openssl=affected,fedora-all/openssl=affected |
| Huzaifa S. Sidhpurwala | 2016-01-28 09:08:06 UTC | Doc Text | A flaw was found in the way malicious SSL/TLS clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for the SSL/TLS connection, making it vulnerable to MITM attacks. | |
| Martin Prpič | 2016-01-28 10:04:00 UTC | Doc Text | A flaw was found in the way malicious SSL/TLS clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for the SSL/TLS connection, making it vulnerable to MITM attacks. | A flaw was found in the way malicious SSL/TLS clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSL/TLS connections, making them vulnerable to man-in-the-middle attacks. |
| Martin Prpič | 2016-01-28 15:07:03 UTC | Whiteboard | impact=low,public=no,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-6/openssl=affected,rhel-7/openssl=affected,fedora-all/openssl=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-6/openssl=affected,rhel-7/openssl=affected,fedora-all/openssl=affected |
| Martin Prpič | 2016-01-28 15:07:05 UTC | Summary | EMBARGOED CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers | CVE-2015-3197 OpenSSL: SSLv2 doesn't block disabled ciphers |
| Martin Prpič | 2016-01-28 15:07:07 UTC | Group | security, qe_staff | |
| Martin Prpič | 2016-01-28 15:10:55 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-6/openssl=affected,rhel-7/openssl=affected,fedora-all/openssl=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-6/openssl=affected,rhel-7/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected |
| Martin Prpič | 2016-01-28 15:11:04 UTC | CC | erik-fedora, ktietz, lfarkas, marcandre.lureau, redhat-bugzilla, rjones | |
| Martin Prpič | 2016-01-28 15:12:44 UTC | Depends On | 1302767 | |
| Martin Prpič | 2016-01-28 15:12:51 UTC | Depends On | 1302768 | |
| Martin Prpič | 2016-01-28 15:13:03 UTC | Depends On | 1302769 | |
| Andrej Nemec | 2016-01-29 09:39:03 UTC | Priority | medium | low |
| CC | anemec | |||
| Severity | medium | low | ||
| Paul Dwyer | 2016-01-29 16:29:00 UTC | CC | pdwyer | |
| Hubert Kario | 2016-01-29 18:21:26 UTC | CC | hkario | |
| Jay Shin | 2016-02-05 01:06:40 UTC | CC | jaeshin | |
| Link ID | Red Hat Knowledge Base (Solution) 2145861 | |||
| Yasuhiro Ozone | 2016-02-08 04:57:28 UTC | CC | yozone | |
| Slawomir Czarko | 2016-02-11 09:03:27 UTC | CC | slawomir | |
| Huzaifa S. Sidhpurwala | 2016-02-12 08:25:45 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-6/openssl=affected,rhel-7/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected |
| Muhammad Azhar Shaikh | 2016-02-15 02:32:43 UTC | CC | mdshaikh | |
| Moritoshi Oshiro | 2016-02-18 04:42:46 UTC | CC | moshiro | |
| Martin Prpič | 2016-02-29 13:20:01 UTC | Doc Text | A flaw was found in the way malicious SSL/TLS clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSL/TLS connections, making them vulnerable to man-in-the-middle attacks. | A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. |
| Timothy Walsh | 2016-02-29 13:31:20 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected |
| Timothy Walsh | 2016-02-29 13:31:30 UTC | CC | dandread, fnasser, huwang, lgao, myarboro, twalsh | |
| Timothy Walsh | 2016-02-29 13:44:55 UTC | Depends On | 1312901 | |
| Timothy Walsh | 2016-02-29 13:45:07 UTC | Depends On | 1312902 | |
| Timothy Walsh | 2016-02-29 13:45:25 UTC | Depends On | 1312903 | |
| Timothy Walsh | 2016-02-29 13:45:32 UTC | Depends On | 1312904 | |
| Kurt Seifried | 2016-03-01 20:11:51 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected |
| Kurt Seifried | 2016-03-01 20:12:03 UTC | CC | alonbl, bmcclain, dblechte, fdeutsch, gklein, lsurette, mgoldboi, michal.skrivanek, pstehlik, sherold, ycui, ydary, yeylon, ykaul | |
| Kurt Seifried | 2016-03-01 20:16:44 UTC | Depends On | 1313535 | |
| Tomas Hoger | 2016-03-01 22:55:04 UTC | Fixed In Version | openssl 1.0.1r, openssl 1.0.2f | |
| Kurt Seifried | 2016-03-02 01:06:00 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected |
| Kurt Seifried | 2016-03-02 01:06:14 UTC | CC | jgregusk | |
| Kurt Seifried | 2016-03-02 01:14:50 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected,rhel-6.7.z/guest-images=affected |
| Kurt Seifried | 2016-03-02 01:26:42 UTC | Depends On | 1313595 | |
| Kurt Seifried | 2016-03-02 01:28:24 UTC | Depends On | 1313598 | |
| Timothy Walsh | 2016-03-02 04:57:38 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=new,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected,rhel-6.7.z/guest-images=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=affected,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected,rhel-6.7.z/guest-images=affected |
| Timothy Walsh | 2016-03-02 04:58:32 UTC | Depends On | 1313621 | |
| Radim Hatlapatka | 2016-03-11 08:43:39 UTC | CC | rhatlapa | |
| Summer Long | 2016-03-14 04:29:15 UTC | CC | slong | |
| Doc Text | A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that have been disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. | A flaw was found in the way malicious SSLv2 clients could negotiate SSLv2 ciphers that were disabled on the server. This could result in weak SSLv2 ciphers being used for SSLv2 connections, making them vulnerable to man-in-the-middle attacks. | ||
| Chess Hazlett | 2016-03-14 20:10:35 UTC | CC | chazlett | |
| John Skeoch | 2016-04-18 07:40:47 UTC | CC | yeylon | srevivo |
| Timothy Walsh | 2016-09-06 03:40:57 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=affected,eap-6/openssl=affected,jbews-1/openssl=affected,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected,rhel-6.7.z/guest-images=affected | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=wontfix,eap-6/openssl=affected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected,rhel-6.7.z/guest-images=affected |
| Levente Farkas | 2017-08-24 18:42:58 UTC | CC | lfarkas | |
| Scott Herold | 2017-09-12 15:32:58 UTC | CC | sherold | |
| PnT Account Manager | 2018-03-05 15:34:45 UTC | CC | rhatlapa | |
| PnT Account Manager | 2018-08-27 21:29:36 UTC | CC | mdshaikh | |
| PnT Account Manager | 2018-11-05 22:41:59 UTC | CC | ylavi | |
| Gil Klein | 2019-04-14 12:40:18 UTC | CC | gklein | |
| Vincent Danen | 2019-04-16 14:11:57 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-04-16 14:11:57 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:43:28 UTC | Whiteboard | impact=low,public=20160128,reported=20160126,source=upstream,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=affected,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,eap-5/openssl=wontfix,eap-6/openssl=affected,jbews-1/openssl=wontfix,jbews-2/openssl=affected,jbews-3/openssl=affected,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected,rhev-m-3/rhev-hypervisor=affected,rhel-7.2.z/rhel-guest-image=affected,rhel-6.7.z/guest-images=affected |
Back to bug 1301846