Back to bug 1320650
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Stefan Cornelius | 2016-03-23 17:14:42 UTC | CC | security-response-team | |
| Red Hat Bugzilla | 2016-03-23 17:14:42 UTC | Doc Type | --- | Bug Fix |
| Stefan Cornelius | 2016-03-23 17:21:47 UTC | Depends On | 1320655 | |
| Stefan Cornelius | 2016-03-23 17:21:55 UTC | Depends On | 1320656 | |
| Stefan Cornelius | 2016-03-23 17:22:02 UTC | Depends On | 1320657 | |
| Stefan Cornelius | 2016-03-23 17:22:09 UTC | Depends On | 1320658 | |
| Stefan Cornelius | 2016-03-23 17:22:16 UTC | Depends On | 1320659 | |
| Stefan Cornelius | 2016-03-23 17:22:22 UTC | Depends On | 1320661 | |
| Stefan Cornelius | 2016-03-23 17:22:29 UTC | Depends On | 1320662 | |
| Stefan Cornelius | 2016-03-23 17:22:36 UTC | Depends On | 1320664 | |
| Stefan Cornelius | 2016-03-23 17:22:44 UTC | Depends On | 1320665 | |
| Stefan Cornelius | 2016-03-23 17:22:53 UTC | Depends On | 1320667 | |
| Stefan Cornelius | 2016-03-23 17:23:00 UTC | Depends On | 1320668 | |
| Stefan Cornelius | 2016-03-23 17:23:07 UTC | Depends On | 1320669 | |
| Stefan Cornelius | 2016-03-23 17:23:15 UTC | Depends On | 1320670 | |
| Stefan Cornelius | 2016-03-23 17:23:20 UTC | Depends On | 1320671 | |
| Stefan Cornelius | 2016-03-23 17:23:28 UTC | Depends On | 1320672 | |
| Stefan Cornelius | 2016-03-23 17:23:33 UTC | Depends On | 1320673 | |
| Stefan Cornelius | 2016-03-23 17:23:40 UTC | Depends On | 1320674 | |
| Stefan Cornelius | 2016-03-23 17:23:46 UTC | Depends On | 1320675 | |
| Adam Mariš | 2016-03-23 17:31:33 UTC | Blocks | 1320678 | |
| Stefan Cornelius | 2016-03-23 18:16:44 UTC | CC | ahughes | |
| Tomas Hoger | 2016-03-23 20:20:26 UTC | Group | security, qe_staff | |
| Summary | EMBARGOED CVE-2016-0636 openjdk: out-of-band urgent security fix | CVE-2016-0636 OpenJDK: out-of-band urgent security fix | ||
| Whiteboard | impact=critical,public=no,reported=20160323,source=oracle,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected | impact=critical,public=20160323,reported=20160323,source=oracle,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected | ||
| Tomas Hoger | 2016-03-23 21:41:33 UTC | Summary | CVE-2016-0636 OpenJDK: out-of-band urgent security fix | CVE-2016-0636 OpenJDK: out-of-band urgent security fix (Hotspot, 8151666) |
| jiri vanek | 2016-03-24 11:23:29 UTC | Depends On | 1320961 | |
| Stefan Cornelius | 2016-03-24 11:58:13 UTC | Doc Text | An improper type safety check was discovered in the Hotspot component. An untrusted Java application or applet could use this flaw to bypass Java Sandbox restrictions. | |
| Stefan Cornelius | 2016-03-24 14:06:42 UTC | Whiteboard | impact=critical,public=20160323,reported=20160323,source=oracle,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected | impact=critical,public=20160323,reported=20160323,source=oracle,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-358,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected |
| Tomas Hoger | 2016-03-31 20:08:09 UTC | Status | NEW | CLOSED |
| Resolution | --- | ERRATA | ||
| Summary | CVE-2016-0636 OpenJDK: out-of-band urgent security fix (Hotspot, 8151666) | CVE-2016-0636 OpenJDK: missing type safety checks for MethodHandle calls across class loaders, incorrect CVE-2013-5838 fix (Hotspot, 8151666) | ||
| Last Closed | 2016-03-31 16:08:09 UTC | |||
| Product Security DevOps Team | 2019-09-29 13:46:44 UTC | Whiteboard | impact=critical,public=20160323,reported=20160323,source=oracle,cvss2=6.8/AV:N/AC:M/Au:N/C:P/I:P/A:P,cwe=CWE-358,rhel-5/java-1.7.0-openjdk=affected,rhel-6/java-1.7.0-openjdk=affected,rhel-7/java-1.7.0-openjdk=affected,rhel-6/java-1.8.0-openjdk=affected,rhel-7/java-1.8.0-openjdk=affected,rhel-5/java-1.7.0-oracle=affected,rhel-6/java-1.7.0-oracle=affected,rhel-7/java-1.7.0-oracle=affected,rhel-6/java-1.8.0-oracle=affected,rhel-7/java-1.8.0-oracle=affected |
Back to bug 1320650