Back to bug 1310814
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-02-22 17:24:43 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-02-22 17:24:43 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-02-22 17:25:28 UTC | Blocks | 1301847 | |
| Tomas Hoger | 2016-02-25 20:26:50 UTC | Summary | EMBARGOED CVE-2016-0704 openssl: Bleichenbacher oracle in SSLv2 | EMBARGOED CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers |
| Whiteboard | impact=moderate,public=no,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=new,rhel-5/openssl097a=new,rhel-6/openssl=new,rhel-6/openssl098e=new,rhel-7/openssl=new,rhel-7/openssl098e=new,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=new,rhel-5/openssl097a=new,rhel-6/openssl=new,rhel-6/openssl098e=new,rhel-7/openssl=new,rhel-7/openssl098e=new,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | ||
| Huzaifa S. Sidhpurwala | 2016-02-29 07:20:28 UTC | Whiteboard | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=new,rhel-5/openssl097a=new,rhel-6/openssl=new,rhel-6/openssl098e=new,rhel-7/openssl=new,rhel-7/openssl098e=new,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=affected,fedora-all/mingw-openssl=affected,epel-5/openssl101e=affected | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=notaffected,rhel-5/openssl097a=wontfix,rhel-6/openssl=notaffected,rhel-6/openssl098e=wontfix,rhel-7/openssl=notaffected,rhel-7/openssl098e=wontfix,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=notaffected,fedora-all/mingw-openssl=new,epel-5/openssl101e=notaffected |
| Martin Prpič | 2016-02-29 14:44:07 UTC | Doc Text | It was discovered that the SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle. | |
| Huzaifa S. Sidhpurwala | 2016-03-01 14:15:04 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers | CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers | ||
| Norman Sardella | 2016-03-01 15:31:52 UTC | CC | sardella | |
| Tomas Hoger | 2016-03-01 22:56:25 UTC | Fixed In Version | openssl 1.0.2a, openssl 1.0.1m | openssl 1.0.2a, openssl 1.0.1m, openssl 1.0.0r, openssl 0.9.8zf |
| Tomas Hoger | 2016-03-02 11:20:56 UTC | Whiteboard | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=notaffected,rhel-5/openssl097a=wontfix,rhel-6/openssl=notaffected,rhel-6/openssl098e=wontfix,rhel-7/openssl=notaffected,rhel-7/openssl098e=wontfix,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=notaffected,fedora-all/mingw-openssl=new,epel-5/openssl101e=notaffected | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=notaffected,fedora-all/mingw-openssl=new,epel-5/openssl101e=notaffected |
| Slawomir Czarko | 2016-03-03 08:20:21 UTC | CC | slawomir | |
| Huzaifa S. Sidhpurwala | 2016-03-09 04:27:42 UTC | Whiteboard | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=wontfix,rhel-7/openssl=affected,rhel-7/openssl098e=wontfix,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=notaffected,fedora-all/mingw-openssl=new,epel-5/openssl101e=notaffected | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=notaffected,fedora-all/mingw-openssl=new,epel-5/openssl101e=notaffected |
| Harkanwal | 2016-06-13 06:24:38 UTC | CC | harkanwal.johar | |
| Product Security DevOps Team | 2019-09-29 13:44:17 UTC | Whiteboard | impact=moderate,public=20160301,reported=20160222,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,rhel-5/openssl=affected,rhel-5/openssl097a=wontfix,rhel-6/openssl=affected,rhel-6/openssl098e=affected,rhel-7/openssl=affected,rhel-7/openssl098e=affected,jbews-1/openssl=new,jbews-2/openssl=new,jbews-3/openssl=new,eap-6/openssl=new,fedora-all/openssl=notaffected,fedora-all/mingw-openssl=new,epel-5/openssl101e=notaffected | |
| PnT Account Manager | 2019-11-05 01:06:45 UTC | CC | psakar | |
| PnT Account Manager | 2020-10-16 22:24:38 UTC | CC | pgier | |
| Red Hat Bugzilla | 2021-02-16 02:43:33 UTC | CC | dknox | |
| Red Hat Bugzilla | 2021-02-16 03:17:33 UTC | CC | tmraz | |
| Joshua Padman | 2021-10-21 00:50:50 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2021-10-21 00:50:50 UTC |
Back to bug 1310814