Back to bug 1311910
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-02-25 10:08:15 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-02-25 10:08:15 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-02-25 10:17:36 UTC | Blocks | 1311915 | |
| Huzaifa S. Sidhpurwala | 2016-03-29 09:14:36 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=new,rhel-5/samba3x=new,rhel-6/samba4=new,rhel-6/samba=new,rhel-7/samba=new,rhes-3.1/samba=new,fedora-all/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:27:11 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=affected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:41 UTC | Depends On | 1322688 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:51 UTC | Depends On | 1322689 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:29:59 UTC | Depends On | 1322690 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:30:09 UTC | Depends On | 1322691 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 06:30:17 UTC | Depends On | 1322692 | |
| Huzaifa S. Sidhpurwala | 2016-03-31 08:23:11 UTC | CC | abokovoy, madam | |
| Huzaifa S. Sidhpurwala | 2016-03-31 08:32:53 UTC | CC | rhack | |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:35:20 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:37:09 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=affected,rhel-5.6.z/samba=affected,rhel-5.9.z/samba=affected,rhel-6.2.z/samba=affected,rhel-6.4.z/samba=affected,rhel-6.5.z/samba=affected,rhel-6.6.z/samba=affected,rhel-7.1.z/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected |
| Huzaifa S. Sidhpurwala | 2016-04-07 10:43:52 UTC | Depends On | 1324807 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 15:59:59 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:06 UTC | Depends On | 1325382 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:18 UTC | Depends On | 1325383 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:28 UTC | Depends On | 1325384 | |
| Huzaifa S. Sidhpurwala | 2016-04-08 16:03:40 UTC | Depends On | 1325385 | |
| Huzaifa S. Sidhpurwala | 2016-04-09 05:15:16 UTC | Doc Text | It was found that Samba did not validate SSL/TLS certificates in certain connections. A man-in-the-middle attacker could use this flaw to spoof a Samba server using a specially crafted SSL/TLS certificate. | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:15:59 UTC | Depends On | 1325645 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:23:48 UTC | Depends On | 1325649 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:24:03 UTC | Depends On | 1325650 | |
| Huzaifa S. Sidhpurwala | 2016-04-10 11:24:15 UTC | Depends On | 1325651 | |
| Huzaifa S. Sidhpurwala | 2016-04-11 05:35:57 UTC | Whiteboard | impact=moderate,public=no,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:34:01 UTC | Whiteboard | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=affected,rhel-5.9.z/samba3x=affected |
| Huzaifa S. Sidhpurwala | 2016-04-11 10:34:16 UTC | Whiteboard | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=affected,rhel-5.9.z/samba3x=affected | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=notaffected,rhel-5.9.z/samba3x=notaffected |
| Jose A. Rivera | 2016-04-12 12:28:52 UTC | Status | NEW | ON_QA |
| Fixed In Version | 4.2.11-1 | |||
| Tomas Hoger | 2016-04-12 12:38:36 UTC | Status | ON_QA | NEW |
| Fixed In Version | 4.2.11-1 | |||
| Huzaifa S. Sidhpurwala | 2016-04-12 14:26:48 UTC | Depends On | 1326369 | |
| Huzaifa S. Sidhpurwala | 2016-04-12 17:11:22 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-2113 samba: Server certificates not validated at client side | CVE-2016-2113 samba: Server certificates not validated at client side | ||
| Siddharth Sharma | 2016-04-12 17:27:46 UTC | Depends On | 1326453 | |
| Tomas Hoger | 2016-04-12 20:34:47 UTC | Fixed In Version | samba 4.4.2, samba 4.3.8, samba 4.2.11 | |
| Tomas Hoger | 2016-04-13 11:56:19 UTC | Depends On | 1326369 | |
| Tomas Hoger | 2016-04-13 12:48:17 UTC | Fixed In Version | samba 4.4.2, samba 4.3.8, samba 4.2.11 | samba 4.4.1, samba 4.3.7, samba 4.2.10 |
| Huzaifa S. Sidhpurwala | 2016-04-19 05:28:46 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2016-04-19 01:28:46 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:45:06 UTC | Whiteboard | impact=moderate,public=20160412,reported=20160224,source=upstream,cvss2=4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N,cwe=CWE-295,rhel-5/samba=notaffected,rhel-5/samba3x=notaffected,rhel-6/samba4=affected,rhel-6/samba=notaffected,rhel-7/samba=affected,rhes-3.1/samba=affected,fedora-all/samba=affected,rhel-4/samba=notaffected,rhel-5.6.z/samba=notaffected,rhel-5.9.z/samba=notaffected,rhel-6.2.z/samba=notaffected,rhel-6.4.z/samba=notaffected,rhel-6.5.z/samba=notaffected,rhel-6.6.z/samba=notaffected,rhel-7.1.z/samba=affected,rhel-6.2.z/samba4=affected,rhel-6.4.z/samba4=affected,rhel-6.5.z/samba4=affected,rhel-6.6.z/samba4=affected,rhel-5.6.z/samba3x=notaffected,rhel-5.9.z/samba3x=notaffected |
Back to bug 1311910