Back to bug 1319052
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Adam Mariš | 2016-03-18 14:30:28 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-18 14:30:28 UTC | Doc Type | --- | Bug Fix |
| Adam Mariš | 2016-03-18 14:33:07 UTC | Blocks | 1319056 | |
| Matthew Harmsen | 2016-03-18 17:57:04 UTC | CC | nkinder, rcritten | |
| Adam Mariš | 2016-04-04 08:44:05 UTC | CC | huzaifas | |
| Flags | needinfo?(huzaifas) | |||
| Huzaifa S. Sidhpurwala | 2016-04-05 04:46:42 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED mod_nss: Invalid handling of +CIPHER operator | CVE-2016-3099 mod_nss: Invalid handling of +CIPHER operator | ||
| Alias | CVE-2016-3099 | |||
| Whiteboard | impact=low,public=no,reported=20160317,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-392,rhel-5/mod_nss=new,rhel-6/mod_nss=new,rhel-7/mod_nss=new,certificate_system_8/mod_nss=new,fedora-all/mod_nss=affected | impact=low,public=20160405,reported=20160317,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-392,rhel-5/mod_nss=new,rhel-6/mod_nss=new,rhel-7/mod_nss=affected,certificate_system_8/mod_nss=new,fedora-all/mod_nss=affected | ||
| Flags | needinfo?(huzaifas) | |||
| Huzaifa S. Sidhpurwala | 2016-04-05 04:48:34 UTC | Depends On | 1323913 | |
| Huzaifa S. Sidhpurwala | 2016-04-05 04:49:14 UTC | Depends On | 1323914 | |
| Huzaifa S. Sidhpurwala | 2016-04-05 04:49:27 UTC | Blocks | 1323912 | |
| Huzaifa S. Sidhpurwala | 2016-10-24 14:27:48 UTC | Doc Text | A flaw was found in the way mod_nss parsed certain OpenSSL-style cipher strings. As a result, mod_nss could potentially use ciphers that were not intended to be enabled. | |
| Huzaifa S. Sidhpurwala | 2016-11-04 07:59:49 UTC | Whiteboard | impact=low,public=20160405,reported=20160317,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-392,rhel-5/mod_nss=new,rhel-6/mod_nss=new,rhel-7/mod_nss=affected,certificate_system_8/mod_nss=new,fedora-all/mod_nss=affected | impact=low,public=20160405,reported=20160317,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-392,rhel-5/mod_nss=wontfix,rhel-6/mod_nss=wontfix,rhel-7/mod_nss=affected,certificate_system_8/mod_nss=wontfix,fedora-all/mod_nss=affected |
| Product Security DevOps Team | 2019-06-08 02:49:52 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Last Closed | 2019-06-08 02:49:52 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:45:56 UTC | Whiteboard | impact=low,public=20160405,reported=20160317,source=redhat,cvss2=1.9/AV:L/AC:M/Au:N/C:N/I:P/A:N,cwe=CWE-392,rhel-5/mod_nss=wontfix,rhel-6/mod_nss=wontfix,rhel-7/mod_nss=affected,certificate_system_8/mod_nss=wontfix,fedora-all/mod_nss=affected |
Back to bug 1319052