Back to bug 1302642
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-01-28 10:19:21 UTC | Depends On | 1302643 | |
| Adam Mariš | 2016-01-28 10:23:38 UTC | Blocks | 1302647 | |
| Salvatore Bonaccorso | 2016-01-29 18:40:39 UTC | CC | carnil | |
| Norman Sardella | 2016-02-05 14:34:45 UTC | CC | sardella | |
| Stefan Cornelius | 2016-02-08 10:22:32 UTC | Whiteboard | impact=important,public=20160108,reported=20160127,source=redhat,cvss2=7.0/AV:N/AC:M/Au:S/C:P/I:N/A:C,rhel-5/krb5=new,rhel-6/krb5=new,rhel-7/krb5=new,jbews-2/krb5=new,fedora-all/krb5=affected | impact=important,public=20160108,reported=20160127,source=redhat,cvss2=7.0/AV:N/AC:M/Au:S/C:P/I:N/A:C,rhel-5/krb5=affected,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected |
| Slawomir Czarko | 2016-02-11 09:39:40 UTC | CC | slawomir | |
| Cedric Buissart | 2016-02-11 13:07:59 UTC | Whiteboard | impact=important,public=20160108,reported=20160127,source=redhat,cvss2=7.0/AV:N/AC:M/Au:S/C:P/I:N/A:C,rhel-5/krb5=affected,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected | impact=important,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=affected,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected |
| Cedric Buissart | 2016-02-11 13:08:08 UTC | Whiteboard | impact=important,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=affected,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=affected,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected |
| Cedric Buissart | 2016-02-11 13:08:15 UTC | Severity | high | medium |
| Cedric Buissart | 2016-02-11 13:08:23 UTC | Priority | high | medium |
| Stefan Cornelius | 2016-02-11 14:36:43 UTC | Whiteboard | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=affected,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=wontifx,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected |
| Tomas Hoger | 2016-02-12 07:19:50 UTC | Whiteboard | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=wontifx,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected |
| Cedric Buissart | 2016-02-12 10:19:42 UTC | Depends On | 1306969 | |
| Cedric Buissart | 2016-02-12 10:19:49 UTC | Depends On | 1306970 | |
| Cedric Buissart | 2016-02-12 10:22:50 UTC | Depends On | 1306973 | |
| Cedric Buissart | 2016-02-12 10:22:58 UTC | Depends On | 1306974 | |
| Cedric Buissart | 2016-02-16 14:45:42 UTC | Doc Text | A memory leak flaw was found in the krb5_unparse_name() function of the MIT krb5 kadmind service. An authenticated attacker could repeatedly send maliciously crafted requests to the server, which could cause the server to consume large amounts of memory resources, ultimately leading to a denial of service due to memory exhaustion. | |
| Cedric Buissart | 2016-02-16 15:30:10 UTC | Whiteboard | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,cwe=401,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected |
| Cedric Buissart | 2016-02-16 15:31:03 UTC | Whiteboard | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,cwe=401,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,cwe=CWE-401,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected |
| Martin Prpič | 2016-03-03 10:47:53 UTC | Doc Text | A memory leak flaw was found in the krb5_unparse_name() function of the MIT krb5 kadmind service. An authenticated attacker could repeatedly send maliciously crafted requests to the server, which could cause the server to consume large amounts of memory resources, ultimately leading to a denial of service due to memory exhaustion. | A memory leak flaw was found in the krb5_unparse_name() function of the MIT Kerberos kadmind service. An authenticated attacker could repeatedly send specially crafted requests to the server, which could cause the server to consume large amounts of memory resources, ultimately leading to a denial of service due to memory exhaustion. |
| Tomas Hoger | 2016-03-03 21:29:15 UTC | Fixed In Version | krb5 1.14.1, krb5 1.13.4 | |
| Tomas Hoger | 2016-04-01 07:07:52 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-04-01 03:07:52 UTC | |||
| Jason Shepherd | 2016-04-03 23:19:22 UTC | Whiteboard | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,cwe=CWE-401,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=new,fedora-all/krb5=affected | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,cwe=CWE-401,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=notaffected,fedora-all/krb5=affected |
| Product Security DevOps Team | 2019-09-29 13:43:28 UTC | Whiteboard | impact=moderate,public=20160108,reported=20160127,source=redhat,cvss2=4.0/AV:N/AC:L/Au:S/C:N/I:N/A:P,cwe=CWE-401,rhel-5/krb5=wontfix,rhel-6/krb5=affected,rhel-7/krb5=affected,jbews-2/krb5=notaffected,fedora-all/krb5=affected |
Back to bug 1302642