Back to bug 1305971
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Kurt Seifried | 2016-02-09 17:23:43 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-02-09 17:23:43 UTC | Doc Type | --- | Bug Fix |
| Kurt Seifried | 2016-02-09 17:26:46 UTC | Blocks | 1305973 | |
| Kurt Seifried | 2016-02-09 17:36:18 UTC | Whiteboard | impact=moderate,public=no,reported=20160114,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-7/libssh=affected | impact=moderate,public=no,reported=20160114,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-7/libssh=affected,fedora-all/libssh=affected,epel-all/libssh=affected |
| Andreas Schneider | 2016-02-09 17:59:20 UTC | CC | stefw | |
| Andreas Schneider | 2016-02-17 09:52:15 UTC | CC | meissner | |
| Huzaifa S. Sidhpurwala | 2016-02-19 10:33:06 UTC | Depends On | 1310046 | |
| Huzaifa S. Sidhpurwala | 2016-02-19 10:33:15 UTC | Depends On | 1310047 | |
| Huzaifa S. Sidhpurwala | 2016-02-22 06:02:04 UTC | Whiteboard | impact=moderate,public=no,reported=20160114,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-7/libssh=affected,fedora-all/libssh=affected,epel-all/libssh=affected | impact=moderate,public=20160223,reported=20160114,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-7/libssh=affected,fedora-all/libssh=affected,epel-all/libssh=affected |
| Stef Walter | 2016-02-22 08:23:42 UTC | CC | kseifried | |
| Flags | needinfo?(kseifried) | |||
| Andreas Schneider | 2016-02-22 10:29:55 UTC | Flags | needinfo?(kseifried) | |
| Stef Walter | 2016-02-22 10:49:18 UTC | Flags | needinfo?(asn) | |
| Tomas Hoger | 2016-02-22 11:40:46 UTC | Attachment #1122470 Attachment is obsolete | 0 | 1 |
| Stef Walter | 2016-02-22 12:00:49 UTC | Flags | needinfo?(asn) | |
| Stef Walter | 2016-02-22 12:10:44 UTC | Status | NEW | MODIFIED |
| Andreas Schneider | 2016-02-23 09:02:37 UTC | Summary | EMBARGOED CVE-2016-0739 libssh: bits/bytes confuson resulting in truncated Difffie-Hellman secret length | EMBARGOED CVE-2016-0739 libssh: bits/bytes confusion resulting in truncated Difffie-Hellman secret length |
| Kurt Seifried | 2016-02-23 18:09:55 UTC | Summary | EMBARGOED CVE-2016-0739 libssh: bits/bytes confusion resulting in truncated Difffie-Hellman secret length | CVE-2016-0739 libssh: bits/bytes confusion resulting in truncated Difffie-Hellman secret length |
| Kurt Seifried | 2016-02-23 18:09:57 UTC | Group | security, qe_staff | |
| Tomas Hoger | 2016-02-23 18:16:02 UTC | Status | MODIFIED | NEW |
| Fixed In Version | libssh 0.7.3 | |||
| Tomas Hoger | 2016-02-23 18:19:16 UTC | Depends On | 1311259 | |
| Tomas Hoger | 2016-02-23 18:19:25 UTC | Depends On | 1311260 | |
| Kurt Seifried | 2016-02-23 19:38:34 UTC | Depends On | 1311276 | |
| Kurt Seifried | 2016-02-23 19:38:42 UTC | Depends On | 1311277 | |
| Martin Prpič | 2016-02-24 09:59:29 UTC | Doc Text | A type confusion issue was found in the way libssh generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. | |
| Huzaifa S. Sidhpurwala | 2016-04-01 04:05:07 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-04-01 00:05:07 UTC | |||
| Slawomir Czarko | 2016-04-20 10:04:16 UTC | CC | slawomir | |
| Product Security DevOps Team | 2019-09-29 13:44:17 UTC | Whiteboard | impact=moderate,public=20160223,reported=20160114,source=redhat,cvss2=5.8/AV:N/AC:M/Au:N/C:P/I:P/A:N,cwe=CWE-704,rhel-7/libssh=affected,fedora-all/libssh=affected,epel-all/libssh=affected |
Back to bug 1305971